CVE-2010-2801

Severity

51%

Complexity

49%

Confidentiality

106%

Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

Type

cabextract

First reported 14 years ago

2010-08-09 11:58:00

Last updated 7 years ago

2017-08-17 01:32:00

Affected Software

cabextract 0.1

0.1

cabextract 0.2

0.2

cabextract 0.3

0.3

cabextract 0.4

0.4

cabextract 0.5

0.5

cabextract 0.6

0.6

cabextract 1.0

1.0

cabextract 1.1

1.1

References

http://bugs.gentoo.org/show_bug.cgi?id=329891

http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113

Patch

http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118

Patch

[oss-security] 20100802 CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode

[oss-security] 20100802 Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode

http://www.cabextract.org.uk/#changes

Patch

DSA-2087

42173

ADV-2010-1903

Patch, Vendor Advisory

ADV-2010-1997

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=620454

cabextract-archive-code-execution(60891)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.

CVE-2010-2801

Severity

What is severity?

Complexity

What is complexity?

Confidentiality

What is confidentiality?

Overview

Type

First reported 14 years ago

Last updated 7 years ago

Affected Software

cabextract 0.1

cabextract 0.2

cabextract 0.3

cabextract 0.4

cabextract 0.5

cabextract 0.6

cabextract 1.0

cabextract 1.1

References

http://bugs.gentoo.org/show_bug.cgi?id=329891

http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113

http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118

[oss-security] 20100802 CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode

[oss-security] 20100802 Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode

http://www.cabextract.org.uk/#changes

DSA-2087

42173

ADV-2010-1903

ADV-2010-1997

https://bugzilla.redhat.com/show_bug.cgi?id=620454

cabextract-archive-code-execution(60891)

Stay updated

Get in touch