5

CVE-2010-4260

Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ClamavClamav Version <= 0.96.4
ClamavClamav Version0.01
ClamavClamav Version0.02
ClamavClamav Version0.3
ClamavClamav Version0.03
ClamavClamav Version0.05
ClamavClamav Version0.8 Updaterc3
ClamavClamav Version0.9 Updaterc1
ClamavClamav Version0.10
ClamavClamav Version0.12
ClamavClamav Version0.13
ClamavClamav Version0.14
ClamavClamav Version0.14 Updatepre
ClamavClamav Version0.15
ClamavClamav Version0.20
ClamavClamav Version0.21
ClamavClamav Version0.22
ClamavClamav Version0.23
ClamavClamav Version0.24
ClamavClamav Version0.51
ClamavClamav Version0.52
ClamavClamav Version0.53
ClamavClamav Version0.54
ClamavClamav Version0.60
ClamavClamav Version0.60p
ClamavClamav Version0.65
ClamavClamav Version0.66
ClamavClamav Version0.67
ClamavClamav Version0.67-1
ClamavClamav Version0.68
ClamavClamav Version0.68.1
ClamavClamav Version0.70
ClamavClamav Version0.70 Updaterc
ClamavClamav Version0.71
ClamavClamav Version0.72
ClamavClamav Version0.73
ClamavClamav Version0.74
ClamavClamav Version0.75
ClamavClamav Version0.75.1
ClamavClamav Version0.80
ClamavClamav Version0.80 Updaterc
ClamavClamav Version0.80 Updaterc1
ClamavClamav Version0.80 Updaterc2
ClamavClamav Version0.80 Updaterc3
ClamavClamav Version0.80 Updaterc4
ClamavClamav Version0.80_rc
ClamavClamav Version0.81
ClamavClamav Version0.81 Updaterc1
ClamavClamav Version0.82
ClamavClamav Version0.83
ClamavClamav Version0.84
ClamavClamav Version0.84 Updaterc1
ClamavClamav Version0.84 Updaterc2
ClamavClamav Version0.85
ClamavClamav Version0.85.1
ClamavClamav Version0.86
ClamavClamav Version0.86 Updaterc1
ClamavClamav Version0.86.1
ClamavClamav Version0.86.2
ClamavClamav Version0.87
ClamavClamav Version0.87.1
ClamavClamav Version0.88
ClamavClamav Version0.88.1
ClamavClamav Version0.88.2
ClamavClamav Version0.88.3
ClamavClamav Version0.88.4
ClamavClamav Version0.88.5
ClamavClamav Version0.88.6
ClamavClamav Version0.88.7
ClamavClamav Version0.88.7_p0
ClamavClamav Version0.88.7_p1
ClamavClamav Version0.90
ClamavClamav Version0.90 Updaterc1
ClamavClamav Version0.90 Updaterc1.1
ClamavClamav Version0.90 Updaterc2
ClamavClamav Version0.90 Updaterc3
ClamavClamav Version0.90.1
ClamavClamav Version0.90.1_p0
ClamavClamav Version0.90.2
ClamavClamav Version0.90.2_p0
ClamavClamav Version0.90.3
ClamavClamav Version0.90.3_p0
ClamavClamav Version0.90.3_p1
ClamavClamav Version0.91
ClamavClamav Version0.91 Updaterc1
ClamavClamav Version0.91 Updaterc2
ClamavClamav Version0.91.1
ClamavClamav Version0.91.2
ClamavClamav Version0.91.2_p0
ClamavClamav Version0.92
ClamavClamav Version0.92.1
ClamavClamav Version0.92_p0
ClamavClamav Version0.93
ClamavClamav Version0.93.1
ClamavClamav Version0.93.2
ClamavClamav Version0.93.3
ClamavClamav Version0.94
ClamavClamav Version0.94.1
ClamavClamav Version0.94.2
ClamavClamav Version0.95
ClamavClamav Version0.95 Updaterc1
ClamavClamav Version0.95 Updaterc2
ClamavClamav Version0.95 Updatesrc1
ClamavClamav Version0.95 Updatesrc2
ClamavClamav Version0.95.1
ClamavClamav Version0.95.2
ClamavClamav Version0.95.3
ClamavClamav Version0.96
ClamavClamav Version0.96 Updaterc1
ClamavClamav Version0.96 Updaterc2
ClamavClamav Version0.96.1
ClamavClamav Version0.96.2
ClamavClamav Version0.96.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.9% 0.91
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://support.apple.com/kb/HT4581
http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html
http://openwall.com/lists/oss-security/2010/12/03/1
http://openwall.com/lists/oss-security/2010/12/03/3
http://openwall.com/lists/oss-security/2010/12/03/6
http://secunia.com/advisories/42426
Vendor Advisory
http://secunia.com/advisories/42523
Vendor Advisory
http://secunia.com/advisories/42555
http://secunia.com/advisories/42720
http://www.mandriva.com/security/advisories?name=MDVSA-2010:249
http://www.securityfocus.com/bid/45152
http://www.securitytracker.com/id?1024818
http://www.ubuntu.com/usn/USN-1031-1
http://www.vupen.com/english/advisories/2010/3135
Vendor Advisory
http://www.vupen.com/english/advisories/2010/3137
Vendor Advisory
http://www.vupen.com/english/advisories/2010/3185
http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/
https://bugzilla.redhat.com/show_bug.cgi?id=659861
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2358
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2396