Vigil@nce: ClamAV, buffer overflow via PDF
May 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can send a malformed PDF document, in order to stop
ClamAV, and possibly to execute code.
– Severity: 2/4
– Creation date: 21/05/2010
DESCRIPTION OF THE VULNERABILITY
A PDF document contains Streams objects, which can be compressed
with the DEFLATE algorithm.
The cli_pdf() function of the libclamav/pdf.c file allocates a
memory area to store uncompressed data. However, data can be
larger than the allocated size, which generates a buffer overflow.
An attacker can therefore send a malformed PDF document, in order
to stop ClamAV, and possibly to execute code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/ClamAV-buffer-overflow-via-PDF-9659