What is the severity of CVE-2010-0098?

CVE-2010-0098 has a moderate severity level due to its potential to allow bypassing of virus detection.

How do I fix CVE-2010-0098?

To fix CVE-2010-0098, update ClamAV to version 0.96 or later, where this vulnerability is addressed.

Which versions of ClamAV are affected by CVE-2010-0098?

CVE-2010-0098 affects multiple versions of ClamAV prior to 0.96, including 0.95.2 and earlier.

What types of files are improperly handled due to CVE-2010-0098?

CVE-2010-0098 specifically affects CAB and 7z file formats within ClamAV.

Can CVE-2010-0098 be exploited remotely?

Yes, CVE-2010-0098 can be exploited remotely through crafted archive files.

Vulnerability/
CVE-2010-0098

critical

CWE

8/4/2010

11/4/2025

CVE-2010-0098

First published: Thu Apr 08 2010(Updated: )

ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.

Credit: cret@cert.org

Affected Software	Affected Version	How to fix
ClamAV	=0.95.2
ClamAV	=0.86.2
ClamAV	=0.88.5
ClamAV	=0.02
ClamAV	=0.92
ClamAV	=0.95-rc2
ClamAV	=0.15
ClamAV	=0.90-rc2
ClamAV	=0.75.1
ClamAV	=0.65
ClamAV	=0.88.7
ClamAV	=0.81
ClamAV	=0.86
ClamAV	=0.01
ClamAV	=0.85
ClamAV	=0.84
ClamAV	=0.3
ClamAV	=0.93.1
ClamAV Daemon	=0.04
ClamAV	=0.90-rc1.1
ClamAV	=0.95.1
ClamAV	=0.93
ClamAV	=0.90
ClamAV	=0.70-rc
ClamAV	=0.86-rc1
ClamAV	=0.68.1
ClamAV	=0.03
ClamAV	=0.87.1
ClamAV	=0.9-rc1
ClamAV	=0.74
ClamAV	=0.93.3
ClamAV	=0.88
ClamAV	=0.91-rc1
ClamAV	=0.86.1
ClamAV	=0.71
ClamAV	=0.88.1
ClamAV	=0.60p
ClamAV	=0.94
ClamAV	=0.80-rc
ClamAV	=0.91.2
ClamAV	=0.90.3
ClamAV	=0.85.1
ClamAV	=0.90-rc1
ClamAV	=0.13
ClamAV	=0.10
ClamAV	=0.94.2
ClamAV	=0.80-rc3
ClamAV	=0.12
ClamAV	=0.23
ClamAV	=0.84-rc1
ClamAV	=0.80-rc2
ClamAV	=0.95
ClamAV	=0.60
ClamAV	=0.88.2
ClamAV	=0.83
ClamAV	=0.20
ClamAV	=0.80-rc4
ClamAV	=0.90-rc3
ClamAV	=0.70
ClamAV	=0.88.4
ClamAV	=0.14
ClamAV	=0.24
ClamAV	=0.66
ClamAV	=0.51
ClamAV	=0.52
ClamAV	=0.22
ClamAV	=0.72
ClamAV	=0.95-rc1
ClamAV Daemon	=0.06
ClamAV	=0.91-rc2
ClamAV	=0.75
ClamAV	=0.05
ClamAV	=0.91
ClamAV	=0.54
ClamAV	=0.96-rc1
ClamAV	=0.80
ClamAV	<=0.96
ClamAV	=0.87
ClamAV	=0.21
ClamAV	=0.84-rc2
ClamAV	=0.67-1
ClamAV	=0.14-pre
ClamAV	=0.90.1
ClamAV	=0.91.1
ClamAV	=0.95.3
ClamAV	=0.88.3
ClamAV	=0.67
ClamAV	=0.92.1
ClamAV	=0.90.2
ClamAV	=0.68
ClamAV	=0.53
ClamAV	=0.93.2
ClamAV	=0.88.6
ClamAV	=0.94.1
ClamAV	=0.82
ClamAV	=0.73
	<=0.96
	=0.01
	=0.02
	=0.3
	=0.03
	=0.05
	=0.9-rc1
	=0.10
	=0.12
	=0.13
	=0.14
	=0.14-pre
	=0.15
	=0.20
	=0.21
	=0.22
	=0.23
	=0.24
	=0.51
	=0.52
	=0.53
	=0.54
	=0.60
	=0.60p
	=0.65
	=0.66
	=0.67
	=0.67-1
	=0.68
	=0.68.1
	=0.70
	=0.70-rc
	=0.71
	=0.72
	=0.73
	=0.74
	=0.75
	=0.75.1
	=0.80
	=0.80-rc
	=0.80-rc2
	=0.80-rc3
	=0.80-rc4
	=0.81
	=0.82
	=0.83
	=0.84
	=0.84-rc1
	=0.84-rc2
	=0.85
	=0.85.1
	=0.86
	=0.86-rc1
	=0.86.1
	=0.86.2
	=0.87
	=0.87.1
	=0.88
	=0.88.1
	=0.88.2
	=0.88.3
	=0.88.4
	=0.88.5
	=0.88.6
	=0.88.7
	=0.90
	=0.90-rc1
	=0.90-rc1.1
	=0.90-rc2
	=0.90-rc3
	=0.90.1
	=0.90.2
	=0.90.3
	=0.91
	=0.91-rc1
	=0.91-rc2
	=0.91.1
	=0.91.2
	=0.92
	=0.92.1
	=0.93
	=0.93.1
	=0.93.2
	=0.93.3
	=0.94
	=0.94.1
	=0.94.2
	=0.95
	=0.95-rc1
	=0.95-rc2
	=0.95.1
	=0.95.2
	=0.95.3
	=0.96-rc1
	=0.04
	=0.06

Remedy

http://www.securityfocus.com/bid/39262

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-0098?
CVE-2010-0098 has a moderate severity level due to its potential to allow bypassing of virus detection.
How do I fix CVE-2010-0098?
To fix CVE-2010-0098, update ClamAV to version 0.96 or later, where this vulnerability is addressed.
Which versions of ClamAV are affected by CVE-2010-0098?
CVE-2010-0098 affects multiple versions of ClamAV prior to 0.96, including 0.95.2 and earlier.
What types of files are improperly handled due to CVE-2010-0098?
CVE-2010-0098 specifically affects CAB and 7z file formats within ClamAV.
Can CVE-2010-0098 be exploited remotely?
Yes, CVE-2010-0098 can be exploited remotely through crafted archive files.

agent/type
collector/mitre-cve
source/MITRE
agent/remedy
agent/references
agent/weakness
agent/severity
agent/description
agent/first-publish-date
agent/author
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/event
vendor/clamav
canonical/clamav
version/clamav/0.95.2
version/clamav/0.86.2
version/clamav/0.88.5
version/clamav/0.02
version/clamav/0.92
version/clamav/0.95-rc2
version/clamav/0.15
version/clamav/0.90-rc2
version/clamav/0.75.1
version/clamav/0.65
version/clamav/0.88.7
version/clamav/0.81
version/clamav/0.86
version/clamav/0.01
version/clamav/0.85
version/clamav/0.84
version/clamav/0.3
version/clamav/0.93.1
vendor/clamavs
canonical/clamav daemon
version/clamav daemon/0.04
version/clamav/0.90-rc1.1
version/clamav/0.95.1
version/clamav/0.93
version/clamav/0.90
version/clamav/0.70-rc
version/clamav/0.86-rc1
version/clamav/0.68.1
version/clamav/0.03
version/clamav/0.87.1
version/clamav/0.9-rc1
version/clamav/0.74
version/clamav/0.93.3
version/clamav/0.88
version/clamav/0.91-rc1
version/clamav/0.86.1
version/clamav/0.71
version/clamav/0.88.1
version/clamav/0.60p
version/clamav/0.94
version/clamav/0.80-rc
version/clamav/0.91.2
version/clamav/0.90.3
version/clamav/0.85.1
version/clamav/0.90-rc1
version/clamav/0.13
version/clamav/0.10
version/clamav/0.94.2
version/clamav/0.80-rc3
version/clamav/0.12
version/clamav/0.23
version/clamav/0.84-rc1
version/clamav/0.80-rc2
version/clamav/0.95
version/clamav/0.60
version/clamav/0.88.2
version/clamav/0.83
version/clamav/0.20
version/clamav/0.80-rc4
version/clamav/0.90-rc3
version/clamav/0.70
version/clamav/0.88.4
version/clamav/0.14
version/clamav/0.24
version/clamav/0.66
version/clamav/0.51
version/clamav/0.52
version/clamav/0.22
version/clamav/0.72
version/clamav/0.95-rc1
version/clamav daemon/0.06
version/clamav/0.91-rc2
version/clamav/0.75
version/clamav/0.05
version/clamav/0.91
version/clamav/0.54
version/clamav/0.96-rc1
version/clamav/0.80
version/clamav/0.96
version/clamav/0.87
version/clamav/0.21
version/clamav/0.84-rc2
version/clamav/0.67-1
version/clamav/0.14-pre
version/clamav/0.90.1
version/clamav/0.91.1
version/clamav/0.95.3
version/clamav/0.88.3
version/clamav/0.67
version/clamav/0.92.1
version/clamav/0.90.2
version/clamav/0.68
version/clamav/0.53
version/clamav/0.93.2
version/clamav/0.88.6
version/clamav/0.94.1
version/clamav/0.82
version/clamav/0.73