漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ClamAV多个拒绝服务漏洞
Vulnerability Description
Clam AntiVirus是Unix的GPL杀毒工具包,很多邮件网关产品都在使用。 ClamAV实现上存在多个空指针引用漏洞,远程攻击者可能利用此漏洞导致ClamAV不可用。 libclamav/rtf.c文件的cli_scanrtf()函数中存在空指针引用,如果用户受骗打开了特制的RTF文件就会导致ClamAV崩溃; libclamav/htmlnorm.c文件的cli_html_normalise()函数中也存在空指针引用,如果用户受骗访问了包含有data URL主题的特制HTML文件的话就会导致C
CVSS Information
N/A
Vulnerability Type
N/A