Vulnerability CVE-2010-4479 - CERT Civis.Net

Vulnerability Name:

CVE-2010-4479 (CCN-63661)

Assigned:

2010-12-02

Published:

2010-12-02

Updated:

2011-03-24

Summary:

Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability than CVE-2010-4260.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2010-4479

Source: CCN
Type: Freshmeat Web Site
Version 0.96.5 of Clam AntiVirus

Source: CONFIRM
Type: UNKNOWN
http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=master

Source: APPLE
Type: UNKNOWN
APPLE-SA-2011-03-21-1

Source: FEDORA
Type: UNKNOWN
FEDORA-2010-18568

Source: FEDORA
Type: UNKNOWN
FEDORA-2010-18564

Source: SUSE
Type: UNKNOWN
SUSE-SR:2010:024

Source: MLIST
Type: UNKNOWN
[oss-security] 20101203 clamav 0.96.5 released

Source: MLIST
Type: UNKNOWN
[oss-security] 20101203 Re: clamav 0.96.5 released

Source: MLIST
Type: UNKNOWN
[oss-security] 20101203 Re: clamav 0.96.5 released

Source: CCN
Type: SA42426
ClamAV Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
42426

Source: SECUNIA
Type: UNKNOWN
42555

Source: SECUNIA
Type: UNKNOWN
42720

Source: CCN
Type: SECTRACK ID: 1024818
Clam AntiVirus Bugs Let Remote Users Deny Service and Execute Arbitrary Code

Source: CCN
Type: Apple Web site
About the security content of Mac OS X v10.6.7 and Security Update 2011-001

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT4581

Source: CCN
Type: Clam AntiVirus Web site
Clam AntiVirus

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2010:249

Source: CCN
Type: OSVDB ID: 69656
ClamAV libclamav pdf.c PDF File Handling DoS (2010-4479)

Source: BID
Type: UNKNOWN
45152

Source: CCN
Type: BID-45152
ClamAV Prior to 0.96.5 Multiple Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1024818

Source: UBUNTU
Type: UNKNOWN
USN-1031-1

Source: VUPEN
Type: Vendor Advisory
ADV-2010-3135

Source: VUPEN
Type: Vendor Advisory
ADV-2010-3137

Source: VUPEN
Type: UNKNOWN
ADV-2010-3185

Source: MISC
Type: UNKNOWN
http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=659861

Source: XF
Type: UNKNOWN
clamav-pdf-files-dos(63661)

Source: SUSE
Type: SUSE-SR:2010:024
SUSE Security Summary Report

Source: CONFIRM
Type: UNKNOWN
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2380

Vulnerable Configuration:

Configuration 1:

cpe:/a:clamav:clamav:0.01:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.02:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.03:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.3:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.05:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.8:rc3:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.9:rc1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.10:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.12:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.13:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.14:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.14:pre:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.15:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.20:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.21:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.22:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.23:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.24:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.51:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.52:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.53:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.54:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.60:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.60p:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.65:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.66:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.67:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.67-1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.68:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.68.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.70:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.70:rc:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.71:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.72:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.73:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.74:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.75:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.75.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.80:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.80:rc:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.80:rc1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.80:rc2:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.80:rc3:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.80:rc4:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.81:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.81:rc1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.82:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.83:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.84:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.84:rc1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.84:rc2:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.85:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.85.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.86:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.86:rc1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.86.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.86.2:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.87:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.87.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.88:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.88.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.88.2:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.88.3:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.88.4:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.88.5:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.88.6:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.88.7:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90:rc1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90:rc2:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90:rc3:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90.2:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90.3:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.91:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.91:rc1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.91:rc2:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.91.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.91.2:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.92:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.92.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.93:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.93.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.93.2:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.93.3:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.94:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.94.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.94.2:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.95:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.95:rc1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.95:rc2:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.95:src1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.95:src2:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.95.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.95.2:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.95.3:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.96:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.96:rc1:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.96:rc2:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.96.1:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.96.2:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.96.3:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:*:*:*:*:*:*:*:* (Version <= 0.96.4)

Configuration CCN 1:

cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*

OR cpe:/a:clamav:clamav:0.96.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*

AND

cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:12559	P	USN-1031-1 -- clamav vulnerabilities	2014-06-30