What is the severity of CVE-2010-1639?

CVE-2010-1639 has a severity rating that indicates it can lead to denial of service attacks through malformed PDF files.

How do I fix CVE-2010-1639?

To fix CVE-2010-1639, upgrade to ClamAV version 0.96.1 or later.

What systems are affected by CVE-2010-1639?

CVE-2010-1639 affects multiple versions of ClamAV including 0.02, 0.15, 0.86.2, and other versions up to 0.96.

How can CVE-2010-1639 be exploited?

CVE-2010-1639 can be exploited by sending a specially crafted PDF file to a vulnerable ClamAV installation, causing a crash.

Is it safe to use older versions of ClamAV with CVE-2010-1639?

Using older versions of ClamAV that are vulnerable to CVE-2010-1639 is not safe as they can be easily targeted for denial of service.

Vulnerability/
CVE-2010-1639

medium

4.3

CWE

NVD-CWE-Other

26/5/2010

7/8/2024

CVE-2010-1639

First published: Wed May 26 2010(Updated: )

The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
ClamAV	=0.95.2
ClamAV	=0.86.2
ClamAV	=0.88.5
ClamAV	=0.02
ClamAV	=0.92
ClamAV	=0.95-rc2
ClamAV	=0.15
ClamAV	=0.90-rc2
ClamAV	=0.75.1
ClamAV	=0.65
ClamAV	=0.88.7
ClamAV	=0.81
ClamAV	=0.86
ClamAV	=0.01
ClamAV	=0.85
ClamAV	=0.84
ClamAV	=0.3
ClamAV	=0.93.1
ClamAV	=0.90-rc1.1
ClamAV	=0.95.1
ClamAV	=0.93
ClamAV	=0.90
ClamAV	=0.70-rc
ClamAV	=0.86-rc1
ClamAV	=0.68.1
ClamAV	=0.03
ClamAV	=0.87.1
ClamAV	=0.9-rc1
ClamAV	=0.74
ClamAV	=0.93.3
ClamAV	=0.88
ClamAV	=0.91-rc1
ClamAV	=0.86.1
ClamAV	=0.71
ClamAV	=0.88.1
ClamAV	=0.60p
ClamAV	=0.94
ClamAV	=0.80-rc
ClamAV	=0.91.2
ClamAV	=0.85.1
ClamAV	=0.90-rc1
ClamAV	=0.13
ClamAV	=0.10
ClamAV	=0.94.2
ClamAV	=0.80-rc3
ClamAV	=0.12
ClamAV	=0.23
ClamAV	=0.84-rc1
ClamAV	=0.80-rc2
ClamAV	=0.95
ClamAV	=0.60
ClamAV	=0.88.2
ClamAV	=0.83
ClamAV	=0.20
ClamAV	=0.80-rc4
ClamAV	=0.90-rc3
ClamAV	=0.70
ClamAV	=0.88.4
ClamAV	=0.14
ClamAV	=0.24
ClamAV	=0.96-rc2
ClamAV	=0.66
ClamAV	<=0.96
ClamAV	=0.51
ClamAV	=0.52
ClamAV	=0.22
ClamAV	=0.72
ClamAV	=0.95-rc1
ClamAV	=0.91-rc2
ClamAV	=0.75
ClamAV	=0.05
ClamAV	=0.91
ClamAV	=0.54
ClamAV	=0.96-rc1
ClamAV	=0.80
ClamAV	=0.87
ClamAV	=0.21
ClamAV	=0.84-rc2
ClamAV	=0.67-1
ClamAV	=0.14-pre
ClamAV	=0.90.1
ClamAV	=0.91.1
ClamAV	=0.95.3
ClamAV	=0.88.3
ClamAV	=0.67
ClamAV	=0.92.1
ClamAV	=0.90.2
ClamAV	=0.68
ClamAV	=0.53
ClamAV	=0.93.2
ClamAV	=0.88.6
ClamAV	=0.94.1
ClamAV	=0.82
ClamAV	=0.73

Remedy

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2016

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1639?
CVE-2010-1639 has a severity rating that indicates it can lead to denial of service attacks through malformed PDF files.
How do I fix CVE-2010-1639?
To fix CVE-2010-1639, upgrade to ClamAV version 0.96.1 or later.
What systems are affected by CVE-2010-1639?
CVE-2010-1639 affects multiple versions of ClamAV including 0.02, 0.15, 0.86.2, and other versions up to 0.96.
How can CVE-2010-1639 be exploited?
CVE-2010-1639 can be exploited by sending a specially crafted PDF file to a vulnerable ClamAV installation, causing a crash.
Is it safe to use older versions of ClamAV with CVE-2010-1639?
Using older versions of ClamAV that are vulnerable to CVE-2010-1639 is not safe as they can be easily targeted for denial of service.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/remedy
agent/weakness
agent/author
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/clamav
canonical/clamav
version/clamav/0.95.2
version/clamav/0.86.2
version/clamav/0.88.5
version/clamav/0.02
version/clamav/0.92
version/clamav/0.95-rc2
version/clamav/0.15
version/clamav/0.90-rc2
version/clamav/0.75.1
version/clamav/0.65
version/clamav/0.88.7
version/clamav/0.81
version/clamav/0.86
version/clamav/0.01
version/clamav/0.85
version/clamav/0.84
version/clamav/0.3
version/clamav/0.93.1
version/clamav/0.90-rc1.1
version/clamav/0.95.1
version/clamav/0.93
version/clamav/0.90
version/clamav/0.70-rc
version/clamav/0.86-rc1
version/clamav/0.68.1
version/clamav/0.03
version/clamav/0.87.1
version/clamav/0.9-rc1
version/clamav/0.74
version/clamav/0.93.3
version/clamav/0.88
version/clamav/0.91-rc1
version/clamav/0.86.1
version/clamav/0.71
version/clamav/0.88.1
version/clamav/0.60p
version/clamav/0.94
version/clamav/0.80-rc
version/clamav/0.91.2
version/clamav/0.85.1
version/clamav/0.90-rc1
version/clamav/0.13
version/clamav/0.10
version/clamav/0.94.2
version/clamav/0.80-rc3
version/clamav/0.12
version/clamav/0.23
version/clamav/0.84-rc1
version/clamav/0.80-rc2
version/clamav/0.95
version/clamav/0.60
version/clamav/0.88.2
version/clamav/0.83
version/clamav/0.20
version/clamav/0.80-rc4
version/clamav/0.90-rc3
version/clamav/0.70
version/clamav/0.88.4
version/clamav/0.14
version/clamav/0.24
version/clamav/0.96-rc2
version/clamav/0.66
version/clamav/0.96
version/clamav/0.51
version/clamav/0.52
version/clamav/0.22
version/clamav/0.72
version/clamav/0.95-rc1
version/clamav/0.91-rc2
version/clamav/0.75
version/clamav/0.05
version/clamav/0.91
version/clamav/0.54
version/clamav/0.96-rc1
version/clamav/0.80
version/clamav/0.87
version/clamav/0.21
version/clamav/0.84-rc2
version/clamav/0.67-1
version/clamav/0.14-pre
version/clamav/0.90.1
version/clamav/0.91.1
version/clamav/0.95.3
version/clamav/0.88.3
version/clamav/0.67
version/clamav/0.92.1
version/clamav/0.90.2
version/clamav/0.68
version/clamav/0.53
version/clamav/0.93.2
version/clamav/0.88.6
version/clamav/0.94.1
version/clamav/0.82
version/clamav/0.73