Published: 13/05/2013 Updated: 28/09/2015
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

pdf.c in ClamAV 0.97.1 up to and including 0.97.7 allows remote malicious users to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.

Vendor Advisories

ClamAV could be made to crash or run programs if it opened a specially crafted file ...

Mailing Lists

vBulletin versions 5x and 4x suffer from a persistent cross site scripting vulnerability ...