CVE-2004-1876 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2004-1876

The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.

Published: Mar 30, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-1876
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
clam_anti-virus / clamav	0.65	0.65.x
clam_anti-virus / clamav	0.68	0.68.x
clam_anti-virus / clamav	0.67	0.67.x
clam_anti-virus / clamav	0.54	0.54.x
clam_anti-virus / clamav	0.53	0.53.x
clam_anti-virus / clamav	0.60	0.60.x
clam_anti-virus / clamav	0.68.1	0.68.1.x
clam_anti-virus / clamav	0.51	0.51.x
clam_anti-virus / clamav	0.52	0.52.x