383
VMScore

CVE-2013-2021

Published: 13/05/2013 Updated: 28/09/2015
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote malicious users to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.

Affected Products

Vendor Product Versions
ClamavClamav0.97.1, 0.97.2, 0.97.3, 0.97.4, 0.97.5, 0.97.6, 0.97.7
CanonicalUbuntu Linux10.04, 11.10, 12.04, 12.10, 13.04
SuseLinux Enterprise Server11.0

Vendor Advisories

ClamAV could be made to crash or run programs if it opened a specially crafted file ...

Mailing Lists

vBulletin versions 5x and 4x suffer from a persistent cross site scripting vulnerability ...