Ubuntu Update For Clamav USN-1816-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that ClamAV would incorrectly parse a UPX-packed executable, leading to possible inappropriate heap reads. An attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-2020) It was discovered that ClamAV would incorrectly parse a PDF document, potentially writing beyond the size of a static array. An attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-2021)

Affected

clamav on Ubuntu 13.04 , Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 11.10 , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2013-2020, CVE-2013-2021

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for apache2 USN-1903-1
Ubuntu Update for backuppc USN-1249-1
Ubuntu Update for dovecot USN-1295-1
Ubuntu Update for clamav vulnerability USN-1076-1
Ubuntu Update for apt USN-2246-1

Ubuntu Update for clamav USN-1816-1

Take action and discover your vulnerabilities