CVE-2013-2021 – Apple Security Advisory 2013-09-12-1

https://notcve.org/view.php?id=CVE-2013-2021

13 May 2013 — pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file. pdf.c en ClamAV v0.97.1 hasta v0.97.7 ermite a atacantes remotos provocar una denegación de servicio (lectura fuera de limite) a través de la modificación de longitud en un fichero PDF cifrado. Multiple vulnerabilities have been found in ClamAV, the worst of which could lead to arbitrary code execution. Versions less than 0.98 are affected. • http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •