medium
5
CWE
Advisory Published
CVE Published
Updated

CVE-2010-4260

First published: Fri Dec 03 2010(Updated: )

Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396."

Credit: secalert@redhat.com

Affected SoftwareAffected VersionHow to fix
ClamAV<=0.96.4
ClamAV=0.01
ClamAV=0.02
ClamAV=0.3
ClamAV=0.03
ClamAV=0.05
ClamAV=0.8-rc3
ClamAV=0.9-rc1
ClamAV=0.10
ClamAV=0.12
ClamAV=0.13
ClamAV=0.14
ClamAV=0.14-pre
ClamAV=0.15
ClamAV=0.20
ClamAV=0.21
ClamAV=0.22
ClamAV=0.23
ClamAV=0.24
ClamAV=0.51
ClamAV=0.52
ClamAV=0.53
ClamAV=0.54
ClamAV=0.60
ClamAV=0.60p
ClamAV=0.65
ClamAV=0.66
ClamAV=0.67
ClamAV=0.67-1
ClamAV=0.68
ClamAV=0.68.1
ClamAV=0.70
ClamAV=0.70-rc
ClamAV=0.71
ClamAV=0.72
ClamAV=0.73
ClamAV=0.74
ClamAV=0.75
ClamAV=0.75.1
ClamAV=0.80
ClamAV=0.80-rc
ClamAV=0.80-rc1
ClamAV=0.80-rc2
ClamAV=0.80-rc3
ClamAV=0.80-rc4
ClamAV=0.80_rc
ClamAV=0.81
ClamAV=0.81-rc1
ClamAV=0.82
ClamAV=0.83
ClamAV=0.84
ClamAV=0.84-rc1
ClamAV=0.84-rc2
ClamAV=0.85
ClamAV=0.85.1
ClamAV=0.86
ClamAV=0.86-rc1
ClamAV=0.86.1
ClamAV=0.86.2
ClamAV=0.87
ClamAV=0.87.1
ClamAV=0.88
ClamAV=0.88.1
ClamAV=0.88.2
ClamAV=0.88.3
ClamAV=0.88.4
ClamAV=0.88.5
ClamAV=0.88.6
ClamAV=0.88.7
ClamAV=0.88.7_p0
ClamAV=0.88.7_p1
ClamAV=0.90
ClamAV=0.90-rc1
ClamAV=0.90-rc1.1
ClamAV=0.90-rc2
ClamAV=0.90-rc3
ClamAV=0.90.1
ClamAV=0.90.1_p0
ClamAV=0.90.2
ClamAV=0.90.2_p0
ClamAV=0.90.3
ClamAV=0.90.3_p0
ClamAV=0.90.3_p1
ClamAV=0.91
ClamAV=0.91-rc1
ClamAV=0.91-rc2
ClamAV=0.91.1
ClamAV=0.91.2
ClamAV=0.91.2_p0
ClamAV=0.92
ClamAV=0.92.1
ClamAV=0.92_p0
ClamAV=0.93
ClamAV=0.93.1
ClamAV=0.93.2
ClamAV=0.93.3
ClamAV=0.94
ClamAV=0.94.1
ClamAV=0.94.2
ClamAV=0.95
ClamAV=0.95-rc1
ClamAV=0.95-rc2
ClamAV=0.95-src1
ClamAV=0.95-src2
ClamAV=0.95.1
ClamAV=0.95.2
ClamAV=0.95.3
ClamAV=0.96
ClamAV=0.96-rc1
ClamAV=0.96-rc2
ClamAV=0.96.1
ClamAV=0.96.2
ClamAV=0.96.3

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2010-4260?

    CVE-2010-4260 has been classified as a critical vulnerability due to its potential to cause denial of service or execute arbitrary code.

  • How do I fix CVE-2010-4260?

    To fix CVE-2010-4260, upgrade ClamAV to version 0.96.5 or later.

  • What type of attacks does CVE-2010-4260 enable?

    CVE-2010-4260 enables remote attackers to cause application crashes or possibly execute arbitrary code through crafted PDF documents.

  • Which versions of ClamAV are affected by CVE-2010-4260?

    CVE-2010-4260 affects all ClamAV versions prior to 0.96.5.

  • Is CVE-2010-4260 a local or remote vulnerability?

    CVE-2010-4260 is a remote vulnerability, allowing attacks from outside the affected system.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203