Signature Detail

Short Name	HTTP:CLAMAV-ENCRYPT-PDF-MC
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	ClamAV Encrypted PDF File Handling Memory Corruption
Release Date	2013/08/07
Update Number	2288
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: ClamAV Encrypted PDF File Handling Memory Corruption

This signature detects attempts to exploit a known vulnerability against ClamAV. Attackers can execute arbitrary code or trigger a denial of service condition on the targeted system.

Extended Description

pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.

Affected Products

canonical ubuntu_linux 10.04 (-:lts)
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.04 (-:lts)
canonical ubuntu_linux 12.10
canonical ubuntu_linux 13.04
clamav 0.97.1
clamav 0.97.2
clamav 0.97.3
clamav 0.97.4
clamav 0.97.5
clamav 0.97.6
clamav 0.97.7

References

CVE: CVE-2013-2021

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: ClamAV Encrypted PDF File Handling Memory Corruption

Extended Description

Affected Products

References