PT-2010-3301 · Cisco · Clamav
Publicado
2010-05-26
·
Atualizado
2023-02-13
·
CVE-2010-1639
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
ClamAV versions prior to 0.96.1
Description
The issue allows remote attackers to cause a denial of service (crash) via a malformed PDF file. This is related to an inconsistency in the calculated stream length and the real stream length in the
cli pdf function.Recommendations
For versions prior to 0.96.1, update to version 0.96.1 or later to resolve the issue. As a temporary workaround, consider restricting the processing of PDF files until the update is applied.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Clamav