ClamAV is prone to a denial-of-service vulnerability because it fails to properly bounds-check specially crafted PDF files. An attacker can exploit this issue to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible this has not been confirmed. ClamAV 0.96.2 is vulnerable other versions may also be affected.
Updates are available. Please see the references for more information.