CVE-2010-4260

Published: 07/12/2010 Updated: 13/02/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV prior to 0.96.5 allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396."

Vulnerable Product	Search on Vulmon	Subscribe to Product
clamav clamav 0.95.2
clamav clamav 0.86.2
clamav clamav 0.88.5
clamav clamav 0.02
clamav clamav 0.92
clamav clamav 0.95
clamav clamav 0.8
clamav clamav 0.15
clamav clamav 0.90
clamav clamav 0.75.1
clamav clamav 0.65
clamav clamav 0.88.7
clamav clamav 0.81
clamav clamav 0.86
clamav clamav 0.01
clamav clamav 0.92 p0
clamav clamav 0.85
clamav clamav 0.84
clamav clamav 0.3
clamav clamav 0.91.2 p0
clamav clamav 0.93.1
clamav clamav 0.95.1
clamav clamav 0.93
clamav clamav 0.70
clamav clamav 0.68.1
clamav clamav 0.03
clamav clamav 0.87.1
clamav clamav 0.9
clamav clamav 0.74
clamav clamav 0.93.3
clamav clamav 0.88
clamav clamav 0.91
clamav clamav 0.86.1
clamav clamav 0.71
clamav clamav 0.88.1
clamav clamav 0.60p
clamav clamav 0.94
clamav clamav 0.80
clamav clamav 0.91.2
clamav clamav 0.96.3
clamav clamav 0.90.3
clamav clamav 0.85.1
clamav clamav 0.96.2
clamav clamav 0.13
clamav clamav 0.10
clamav clamav 0.94.2
clamav clamav 0.96.1
clamav clamav 0.90.1 p0
clamav clamav 0.12
clamav clamav 0.88.7 p0
clamav clamav 0.23
clamav clamav 0.90.3 p1
clamav clamav 0.60
clamav clamav 0.88.2
clamav clamav 0.83
clamav clamav 0.20
clamav clamav 0.88.4
clamav clamav 0.90.3 p0
clamav clamav 0.14
clamav clamav 0.24
clamav clamav 0.96
clamav clamav 0.90.2 p0
clamav clamav 0.66
clamav clamav 0.51
clamav clamav 0.52
clamav clamav 0.22
clamav clamav 0.72
clamav clamav
clamav clamav 0.75
clamav clamav 0.05
clamav clamav 0.54
clamav clamav 0.87
clamav clamav 0.21
clamav clamav 0.88.7 p1
clamav clamav 0.67-1
clamav clamav 0.90.1
clamav clamav 0.91.1
clamav clamav 0.95.3
clamav clamav 0.88.3
clamav clamav 0.67
clamav clamav 0.92.1
clamav clamav 0.90.2
clamav clamav 0.68
clamav clamav 0.53
clamav clamav 0.93.2
clamav clamav 0.88.6
clamav clamav 0.94.1
clamav clamav 0.80 rc
clamav clamav 0.82
clamav clamav 0.73

Arkadiusz Miskiewicz and others discovered that the PDF processing code in libclamav improperly validated input This could allow a remote attacker to craft a PDF document that could crash clamav or possibly execute arbitrary code (CVE-2010-4260, CVE-2010-4479) ...

NVD-CWE-noinfo http://openwall.com/lists/oss-security/2010/12/03/1 https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2396 http://openwall.com/lists/oss-security/2010/12/03/6 https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2358 https://bugzilla.redhat.com/show_bug.cgi?id=659861 http://openwall.com/lists/oss-security/2010/12/03/3 http://secunia.com/advisories/42426 http://www.mandriva.com/security/advisories?name=MDVSA-2010:249 http://www.vupen.com/english/advisories/2010/3137 http://secunia.com/advisories/42523 http://www.securityfocus.com/bid/45152 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/http://www.vupen.com/english/advisories/2010/3135 http://www.ubuntu.com/usn/USN-1031-1 http://secunia.com/advisories/42555 http://www.vupen.com/english/advisories/2010/3185 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html http://www.securitytracker.com/id?1024818 http://secunia.com/advisories/42720 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html http://support.apple.com/kb/HT4581 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master https://nvd.nist.gov https://usn.ubuntu.com/1031-1/

Get Started

CVE-2010-4260

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect