← CVECheck
HomeVulnerabilities

CVE-2004-1876 — MEDIUM severity vulnerability (The "%f" feature in the VirusEvent directive in Clam AntiVir)

The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.

CVE IDCVE-2004-1876
SeverityMEDIUM
CVSS score4.6
CVSS vectorAV:L/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-03-30
Last modified2026-04-16
DescriptionThe "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →