Whitepaper called Client-Side Threats - Anatomy of Reverse Trojan Attacks. Client-side vulnerabilities are among the biggest threats facing users. Attackers are going after weaknesses in desktop applications such as browsers, media players, common office applications and e-mail clients to install malicious software, often Trojan horses and rootkits. This document explains these threats in detail and how to prevent them.
2c1afb10f1f364d84902aa704ae75b54b7d538279adb0348248fba3c6e22acf9
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
69e9c102d56348266b6597d6d401b0a5a2190e158b78e75ee0591f90479ed2ca
Whitepaper called Bypassing Anti-Virus Scanners.
8919103e539f8e08d30103803a77e6ad632dce79dedb8e58ee5be3b8dbcbf8c6
ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example.
79f8fbe155a786d4d2f0925c98ddf63776ec0b2fa26df80b3911060b92cba64d
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
ec5d88303c0a6e1d8e1354b68ae8c184faee7989aac11dfacff466d9e0471932
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
6c439b2282a805b2f1359b8dea65debf65568001904c2c2fdf05cec3cfde9cd2
ACROS Security Problem Report #2011-01-11-1 - A binary planting vulnerability in F-Secure Internet Security 2010 and 2011, F-Secure Anti-Virus 2010 and 2011 and multiple other F-Secure products allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.
01f52cb96345599ee288a5aaf14347b748cc0327df5569dc06d00aff5958486b
ESTsoft ALYac Anti-Virus 1.5 versions 5.0.1.2 and below local kernel mode privilege escalation exploit.
3f2ad9346053fe68522b374ee5555a7073ebc22d57e5e70dd6876d32348fda11
NProtect Anti-Virus 2007 versions 2010.5.11.1 and below local kernel mode privilege escalation exploit.
7aa3139aa141fd361b9e82cc2ef15b355832b22280cf778db25220451462bc33
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
83a683d51eceb5aaf0c249efb3d9d95aa4fd8bbc1f05817ab7b1030f6d84d059
ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example.
a1601e8dae3e8aa5f1ef300b7254af18c87da9bf29e9ce82b572484b9e442ec8
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
6ead46f6a1115f02ed14a1190a64e20d3360ef267e1aa77ede44d03c3d70ebae
Secunia Security Advisory - A vulnerability has been reported in Barracuda Spam & Virus Firewall, which can be exploited by malicious users to disclose sensitive information.
1d60774803094d83fb1c5e473f2f066dbe186d502a9d95b7021d99d0d64c5ad5
Barracuda Networks Spam and Virus Firewall versions 4.1.1.021 and below remote configuration retrieval exploit.
165ba97992e737fdb6fac9ce7c4bbf11e171a5ef6e1c4b1cdecc39389d32668d
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
db324d50a2d4e71a9b647198a607e56b952eb480f75ad6a28231d1f713736c8b
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
6aa0b0d96ed25ffb4b5aca53f6348978c94771503c299f86e480fef475abcefa
This vulnerability allows local attackers to execute arbitrary code in kernel space on vulnerable installations of Sophos Anti-Virus. Local access to the system is required to leverage the vulnerability. The specific flaw exists in the handling of the system call NtQueryAttributesFile by the filter driver savonaccessfilter.sys. Due to improper handling of parameters to the function, pool corruption can occur in kernel space. A local attacker can leverage this to execute arbitrary code in ring 0.
fdbd68ea6a72bd82b979a735c87645b3df846a705d606712fa1d183fd49b65d4
Secunia Security Advisory - A vulnerability has been reported in Sophos Anti-Virus, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.
9edaaa85bd1e91418605d413af6147678d0d63e242610f8c1f05bad9754d0eb0
Mandriva Linux Security Advisory 2010-082 - ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities. The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information. This update provides clamav 0.96, which is not vulnerable to these issues. Packages for 2009.0 are provided due to the Extended Maintenance Program.
01916f1257f5750f983fb3c22bd70d378c39701cb1ea591bfd03313e40e54003
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
413dd25907059068da2a367d2b330fbc37d5d2764eb3b047214ce754a9ca74ea
Secunia Security Advisory - A vulnerability has been reported in 360 Anti-Virus and 360 Security Guard, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
dac2b9ed0340286b46a409c1779710b4879e5699a3d60ebab7bc2b7ec57826a1
Secunia Security Advisory - A vulnerability has been reported in 360 Anti-Virus and 360 Security Guard, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
e62ff03279721347c5df5f889d6a7a04630283ca81d6c2c740ccafd76b6bd505
Mandriva Linux Security Advisory 2010-082 - ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities. The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides clamav 0.96, which is not vulnerable to these issues.
eb840d0860c67dd281facb646f931facd1346a2f4f7d2636f450384c9134a3b0
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
7b0b6e67c87d43b04ce3beceaecddfaf344499f0ee45e9568df6be16808879d2
Rising Online Virus Scanner version 22.0.0.5 Active-X related denial of service exploit.
5b851a7614ca7235de64dfe776e1163dbfd0061ca208d4050d7992a5676cf492