Mandriva Linux Security Advisory : clamav (MDVSA-2010:110)

Multiple vulnerabilities was discovered and fixed in clamav : The clipdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service crash via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length...

CVE-2010-1639

The clipdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service crash via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length...

PT-2010-3301 · Cisco · Clamav

Name of the Vulnerable Software and Affected Versions: ClamAV versions prior to 0.96.1 Description: The issue allows remote attackers to cause a denial of service crash via a malformed PDF file. This is related to an inconsistency in the calculated stream length and the real stream length in the...

CVE-2008-5984

Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...

Design/Logic Flaw

Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...

CVE-2008-5984

CVE-2008-5984 describes an untrusted search path vulnerability in the Python plugin used by Dia 0.96.1, enabling local users to run arbitrary code via a Trojan Python file in the current working directory. The underlying root cause is tied to PySys_SetArgv (CVE-2008-5983), which can prepend an em...