ByteOS Network

NVD Vulnerability Details :

CVE-2013-2021

Deferred

Source-secalert@redhat.com

Published At-13 May, 2013 | 23:55

Updated At-11 Apr, 2025 | 00:51

pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:N/A:P

CPE Matches

Canonical Ltd.

>>ubuntu_linux>>10.04

cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*

Canonical Ltd.

>>ubuntu_linux>>11.10

cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*

Canonical Ltd.

>>ubuntu_linux>>12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*

Canonical Ltd.

>>ubuntu_linux>>12.10

cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

Canonical Ltd.

>>ubuntu_linux>>13.04

cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*

SUSE

>>linux_enterprise_server>>11.0

cpe:2.3:o:suse:linux_enterprise_server:11.0:sp1:*:*:*:*:*:*

SUSE

>>linux_enterprise_server>>11.0

cpe:2.3:o:suse:linux_enterprise_server:11.0:sp2:*:*:*:*:*:*

ClamAV

>>clamav>>0.97.1

cpe:2.3:a:clamav:clamav:0.97.1:*:*:*:*:*:*:*

ClamAV

>>clamav>>0.97.2

cpe:2.3:a:clamav:clamav:0.97.2:*:*:*:*:*:*:*

ClamAV

>>clamav>>0.97.3

cpe:2.3:a:clamav:clamav:0.97.3:*:*:*:*:*:*:*

ClamAV

>>clamav>>0.97.4

cpe:2.3:a:clamav:clamav:0.97.4:*:*:*:*:*:*:*

ClamAV

>>clamav>>0.97.5

cpe:2.3:a:clamav:clamav:0.97.5:*:*:*:*:*:*:*

ClamAV

>>clamav>>0.97.6

cpe:2.3:a:clamav:clamav:0.97.6:*:*:*:*:*:*:*

ClamAV

>>clamav>>0.97.7

cpe:2.3:a:clamav:clamav:0.97.7:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-119	Primary	nvd@nist.gov

Evaluator Impact

Per http://www.ubuntu.com/usn/USN-1816-1/ "A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 LTS Ubuntu 11.10 Ubuntu 10.04 LTS"

References

Hyperlink	Source	Resource
http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html	secalert@redhat.com	N/A
http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html	secalert@redhat.com	N/A
http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html	secalert@redhat.com	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html	secalert@redhat.com	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html	secalert@redhat.com	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html	secalert@redhat.com	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html	secalert@redhat.com	N/A
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html	secalert@redhat.com	N/A
http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html	secalert@redhat.com	N/A
http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html	secalert@redhat.com	N/A
http://secunia.com/advisories/53150	secalert@redhat.com	Vendor Advisory
http://secunia.com/advisories/53182	secalert@redhat.com	Vendor Advisory
http://support.apple.com/kb/HT5880	secalert@redhat.com	N/A
http://support.apple.com/kb/HT5892	secalert@redhat.com	N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:159	secalert@redhat.com	N/A
http://www.openwall.com/lists/oss-security/2013/04/25/2	secalert@redhat.com	N/A
http://www.openwall.com/lists/oss-security/2013/04/29/20	secalert@redhat.com	N/A
http://www.securityfocus.com/bid/59434	secalert@redhat.com	N/A
http://www.ubuntu.com/usn/USN-1816-1	secalert@redhat.com	N/A
https://bugzilla.clamav.net/show_bug.cgi?id=7053	secalert@redhat.com	N/A
https://github.com/vrtadmin/clamav-devel/commit/24ff855c82d3f5c62bc5788a5776cefbffce2971	secalert@redhat.com	N/A
http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/53150	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://secunia.com/advisories/53182	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://support.apple.com/kb/HT5880	af854a3a-2127-422b-91ae-364da2661108	N/A
http://support.apple.com/kb/HT5892	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:159	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.openwall.com/lists/oss-security/2013/04/25/2	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.openwall.com/lists/oss-security/2013/04/29/20	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/59434	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.ubuntu.com/usn/USN-1816-1	af854a3a-2127-422b-91ae-364da2661108	N/A
https://bugzilla.clamav.net/show_bug.cgi?id=7053	af854a3a-2127-422b-91ae-364da2661108	N/A
https://github.com/vrtadmin/clamav-devel/commit/24ff855c82d3f5c62bc5788a5776cefbffce2971	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History