Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 595318 - (CVE-2010-1639) CVE-2010-1639 Clam AntiVirus: Heap-based overflow, when processing malicious PDF file(s)
CVE-2010-1639 Clam AntiVirus: Heap-based overflow, when processing malicious ...
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 595321 667203
  Show dependency treegraph
Reported: 2010-05-24 07:26 EDT by Jan Lieskovsky
Modified: 2015-07-31 02:26 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2011-04-07 18:02:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2010-05-24 07:26:12 EDT
BBabba found a heap-based overflow flaw, in the way Clam AntiVirus's
command line anti-virus scanner performed scanning of Portable Document
Format (PDF) files. If a local user was tricked into scanning a
specially-crafted PDF file, it could lead to clamscan executable
crash, or, potentially, arbitrary code execution with the privileges
of the user running the clamscan tool.

Upstream bug report:
  [1] https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2016

Upstream changeset:
  [2] http://git.clamav.net/gitweb?p=clamav-devel.git;a=commitdiff;h=f0eb394501ec21b9fe67f36cbf5db788711d4236

CVE Request:
  [3] http://www.openwall.com/lists/oss-security/2010/05/21/5
Comment 1 Jan Lieskovsky 2010-05-24 07:30:52 EDT
This issue affects the current versions of the clamav package, as shipped
with Fedora releases of 11 and 12.

This issue affects the current versions of the clamav package, as shipped
within EPEL-4 and EPEL-5 repositories.

Please fix.
Comment 3 Vincent Danen 2010-05-25 17:24:06 EDT
This has been assigned CVE-2010-1639.
Comment 4 Christoph Wickert 2010-12-29 12:37:27 EST
Why is this still in state ON_QA if the blocking bug was closed on AUgust 18, 2010?
Comment 5 Vincent Danen 2011-01-04 12:33:58 EST
Most likely due to EPEL4 and 5 still providing clamav-0.95.1 which does not have this fix.  The blocking bug probably shouldn't have been closed until EPEL was updated.
Comment 6 Christoph Wickert 2011-01-04 12:43:35 EST
I suggest to make individual bugs for all affected releases and let this bug block all of them to avoid confusion.
Comment 7 Vincent Danen 2011-01-04 13:45:58 EST
We used to do that, and folks were (understandably) annoyed at the volume of bugs, so now we use one when it affects everything and get more granular if an issue affects one release and not another.  It should have probably been clearer that EPEL was affected, although comment #1 did indicate that.
Comment 8 Vincent Danen 2011-01-04 14:37:28 EST
Created clamav tracking bugs for this issue

Affects: epel-all [bug 667203]
Comment 9 Nick Bebout 2011-04-07 18:02:37 EDT
They should be pushed to stable, or will be soon.  Please reopen if bug still exists.

Note You need to log in before you can comment on or make changes to this bug.