Bug 597358 (CVE-2010-1640)

Summary: CVE-2010-1640 Clam AntiVirus: Off-by-one error (DoS, crash) by parsing a specially-crafted PE icon file
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: rh-bugzilla
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-19 09:12:00 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan Lieskovsky 2010-05-28 17:50:10 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-1640 to
the following vulnerability:

Off-by-one error in the parseicon function in libclamav/pe_icons.c in
ClamAV 0.96 allows remote attackers to cause a denial of service
(crash) via a crafted PE icon that triggers an out-of-bounds read,
related to improper rounding during scaling.

Upstream bug report:
  [1] https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031

Upstream changeset:
  [2] http://git.clamav.net/gitweb?p=clamav-devel.git;a=blobdiff;f=libclamav/pe_icons.c;h=3f1bc5be69d0f9d84e576814d1a3cc6f40c4ff2c;hp=39a714f05968f9e929576bf171dd0eb58bf06bef;hb=7f0e3bbf77382d9782e0189bf80f5f59a95779b3;hpb=f0eb394501ec21b9fe67f36cbf5db788711d4236

References:
  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1640
  [4] http://www.openwall.com/lists/oss-security/2010/05/21/7
  [5] http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.1
  [6] http://www.securityfocus.com/bid/40318
  [7] http://secunia.com/advisories/39895
  [8] http://www.vupen.com/english/advisories/2010/1214
  [9] http://xforce.iss.net/xforce/xfdb/58825
Comment 1 Jan Lieskovsky 2010-05-28 17:52:31 UTC 
This issue affects the current version (clamav-0.96-1402.fc14)
of the clamav package, as present in Rawhide. Please fix.

This issue does NOT affect the versions of the clamav package,
as shipped with Fedora releases of 11 and 12.

This issue does NOT affect the versions of the clamav package,
as present within EPEL-4 and EPEL-5 repositories.