Denial of Service : ClamAV 'cli_pdf()' PDF File Processing Denial Of Service Vulnerability

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.100652

Category: Denial of Service

Title: ClamAV 'cli_pdf()' PDF File Processing Denial Of Service Vulnerability

Summary: Determine if installed ClamAV version is vulnerable.

Description: Overview:
ClamAV is prone to a vulnerability that attackers can exploit
to cause denial-of-service conditions.

Versions prior to ClamAV 0.96.1 are vulnerable.

Solution:
Updates are available
please see the references for more information.

References:
http://www.securityfocus.com/bid/40317
http://git.clamav.net/gitweb?p=clamav-devel.git
a=commitdiff
h=f0eb394501ec21b9fe67f36cbf5db788711d4236
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2016
http://git.clamav.net/gitweb?p=clamav-devel.git
a=blob_plain
f=ChangeLog
hb=clamav-0.96.1
http://www.clamav.net/

Cross-Ref: BugTraq ID: 40317
Common Vulnerability Exposure (CVE) ID: CVE-2010-1639
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:110
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://www.securityfocus.com/bid/40317
http://www.securitytracker.com/id?1024017
http://secunia.com/advisories/39895
http://secunia.com/advisories/43752
http://www.vupen.com/english/advisories/2010/1214
XForce ISS Database: clamav-clipdf-dos(58824)
http://xforce.iss.net/xforce/xfdb/58824

Copyright This script is Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.100652
Category:	Denial of Service
Title:	ClamAV 'cli_pdf()' PDF File Processing Denial Of Service Vulnerability
Summary:	Determine if installed ClamAV version is vulnerable.
Description:	Overview: ClamAV is prone to a vulnerability that attackers can exploit to cause denial-of-service conditions. Versions prior to ClamAV 0.96.1 are vulnerable. Solution: Updates are available please see the references for more information. References: http://www.securityfocus.com/bid/40317 http://git.clamav.net/gitweb?p=clamav-devel.git a=commitdiff h=f0eb394501ec21b9fe67f36cbf5db788711d4236 https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2016 http://git.clamav.net/gitweb?p=clamav-devel.git a=blob_plain f=ChangeLog hb=clamav-0.96.1 http://www.clamav.net/
Cross-Ref:	BugTraq ID: 40317 Common Vulnerability Exposure (CVE) ID: CVE-2010-1639 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:110 SuSE Security Announcement: SUSE-SR:2010:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://www.securityfocus.com/bid/40317 http://www.securitytracker.com/id?1024017 http://secunia.com/advisories/39895 http://secunia.com/advisories/43752 http://www.vupen.com/english/advisories/2010/1214 XForce ISS Database: clamav-clipdf-dos(58824) http://xforce.iss.net/xforce/xfdb/58824
Copyright	This script is Copyright (C) 2010 Greenbone Networks GmbH