Computer Security
[EN] securityvulns.ru no-pyccku


ClamAV antivirus multiple security vulnerabilities
Published:28.05.2010
Source:
SecurityVulns ID:10880
Type:remote
Threat Level:
7/10
Description:Memory corruptions on PDF and PE files parsing.
Affected:CLAMAV : ClamAV 0.96
CVE:CVE-2010-1640 (Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling.)
 CVE-2010-1639 (The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length.)
Original documentdocumentMANDRIVA, [ MDVSA-2010:110 ] clamav (28.05.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod