{"id":"CVE-2004-1876","details":"The \"%f\" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.","modified":"2026-04-10T03:36:40.013291Z","published":"2004-03-30T05:00:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/11253"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200405-03.xml"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/10007"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/10007"},{"type":"FIX","url":"http://secunia.com/advisories/11253"},{"type":"FIX","url":"http://security.gentoo.org/glsa/glsa-200405-03.xml"},{"type":"FIX","url":"http://www.securityfocus.com/bid/10007"},{"type":"WEB","url":"http://marc.info/?l=bugtraq&m=108066864608615&w=2"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15692"}],"schema_version":"1.7.5"}