Vulnerabilities > CVE-2010-1639 - Unspecified vulnerability in Clamav
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN clamav
nessus
Summary
The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length.
Vulnerable Configurations
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_1_CLAMAV-100526.NASL description This update fixes a off-by-one buffer overflow (CVE-2010-1640) and a crash while parsing PDFs (CVE-2010-1639, CVE-2010-2077) in clamav that can be used as a remote denial of service attack. last seen 2020-06-01 modified 2020-06-02 plugin id 47797 published 2010-07-22 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47797 title openSUSE Security Update : clamav (openSUSE-SU-2010:0414-1) NASL family Misc. NASL id CLAMAV_0_96_1.NASL description According to its version, the clamd antivirus daemon on the remote host is earlier than 0.96.1. Such versions are reportedly affected by multiple vulnerabilities : - An error exists within the last seen 2020-06-01 modified 2020-06-02 plugin id 46706 published 2010-05-24 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/46706 title ClamAV < 0.96.1 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE9_12619.NASL description This update fixes the following security issues in clamav that can be used as a remote denial of service attack : - An off-by-one buffer overflow. (CVE-2010-1640) - A crash while parsing PDFs. (CVE-2010-1639, CVE-2010-2077) last seen 2020-06-01 modified 2020-06-02 plugin id 47795 published 2010-07-22 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47795 title SuSE9 Security Update : clamav (YOU Patch Number 12619) NASL family Fedora Local Security Checks NASL id FEDORA_2011-2741.NASL description Update to 0.97 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 52646 published 2011-03-14 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/52646 title Fedora 13 : clamav-0.97-1300.fc13 (2011-2741) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-945-1.NASL description It was discovered that ClamAV did not properly reallocate memory when processing certain PDF files. A remote attacker could send a specially crafted PDF and crash ClamAV. (CVE-2010-1639) An out of bounds memory access flaw was discovered in ClamAV. A remote attacker could send a specially crafted Portable Executable (PE) file and crash ClamAV. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-2077). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 46752 published 2010-05-28 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46752 title Ubuntu 9.04 / 9.10 / 10.04 LTS : clamav vulnerabilities (USN-945-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201009-06.NASL description The remote host is affected by the vulnerability described in GLSA-201009-06 (Clam AntiVirus: Multiple vulnerabilities) Multiple vulnerabilities were discovered in Clam AntiVirus. For further information, please consult the CVE entries referenced below. Impact : A remote attacker could possibly bypass virus detection or cause a Denial of Service. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 49127 published 2010-09-08 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49127 title GLSA-201009-06 : Clam AntiVirus: Multiple vulnerabilities NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-110.NASL description Multiple vulnerabilities was discovered and fixed in clamav : The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length (CVE-2010-1639). Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling (CVE-2010-1640). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 This update provides clamav 0.96.1 which is not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 46744 published 2010-05-28 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/46744 title Mandriva Linux Security Advisory : clamav (MDVSA-2010:110) NASL family Fedora Local Security Checks NASL id FEDORA_2011-2732.NASL description Update to 0.97 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 52591 published 2011-03-09 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52591 title Fedora 15 : clamav-0.97-1500.fc15 (2011-2732) NASL family Fedora Local Security Checks NASL id FEDORA_2011-2743.NASL description Update to 0.97 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 52647 published 2011-03-14 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/52647 title Fedora 14 : clamav-0.97-1400.fc14 (2011-2743) NASL family Fedora Local Security Checks NASL id FEDORA_2010-13012.NASL description Update to clamav 0.96.1 which fixes: CVE-2010-1639 Clam AntiVirus: Heap-based overflow, when processing malicious PDF file(s) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 48366 published 2010-08-19 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48366 title Fedora 14 : clamav-0.96.1-1401.fc14 (2010-13012) NASL family SuSE Local Security Checks NASL id SUSE_11_2_CLAMAV-100526.NASL description This update fixes a off-by-one buffer overflow (CVE-2010-1640) and a crash while parsing PDFs (CVE-2010-1639, CVE-2010-2077) in clamav that can be used as a remote denial of service attack. last seen 2020-06-01 modified 2020-06-02 plugin id 47798 published 2010-07-22 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47798 title openSUSE Security Update : clamav (openSUSE-SU-2010:0414-1) NASL family SuSE Local Security Checks NASL id SUSE_CLAMAV-7056.NASL description This update fixes the following security issues in clamav that can be used as a remote denial of service attack : - An off-by-one buffer overflow. (CVE-2010-1640) - A crash while parsing PDFs (CVE-2010-1639 / CVE-2010-2077) last seen 2020-06-01 modified 2020-06-02 plugin id 49838 published 2010-10-11 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49838 title SuSE 10 Security Update : clamav (ZYPP Patch Number 7056) NASL family SuSE Local Security Checks NASL id SUSE_11_CLAMAV-100526.NASL description This update fixes the following security issues in clamav that can be used as a remote denial of service attack : - A off-by-one buffer overflow. (CVE-2010-1640) - A crash while parsing PDFs (CVE-2010-1639 / CVE-2010-2077) last seen 2020-06-01 modified 2020-06-02 plugin id 50897 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50897 title SuSE 11 / 11.1 Security Update : clamav (SAT Patch Numbers 2479 / 2480) NASL family SuSE Local Security Checks NASL id SUSE_11_0_CLAMAV-100526.NASL description This update fixes a off-by-one buffer overflow (CVE-2010-1640) and a crash while parsing PDFs (CVE-2010-1639, CVE-2010-2077) in clamav that can be used as a remote denial of service attack. last seen 2020-06-01 modified 2020-06-02 plugin id 47796 published 2010-07-22 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47796 title openSUSE Security Update : clamav (openSUSE-SU-2010:0414-1)
References
- http://www.vupen.com/english/advisories/2010/1214
- https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2016
- http://www.securityfocus.com/bid/40317
- http://secunia.com/advisories/39895
- http://www.securitytracker.com/id?1024017
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:110
- http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html
- http://secunia.com/advisories/43752
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58824
- http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=f0eb394501ec21b9fe67f36cbf5db788711d4236#patch2