CVE-2010-2801
First published: Mon Aug 02 2010(Updated: )
An integer wrap-around flaw has been reported in the way cabextract processed certain Cabinet (*.cab) archive files. If a local user was tricked into opening a specially-crafted *.cab archive in test archive mode, it could lead to cabextract executable crash. References: [1] <a href="http://bugs.gentoo.org/show_bug.cgi?id=329891">http://bugs.gentoo.org/show_bug.cgi?id=329891</a> Upstream patches: [2] <a href="http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113">http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113</a> [3] <a href="http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118">http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cabextract | <=1.2 | |
| Cabextract | =0.1 | |
| Cabextract | =0.2 | |
| Cabextract | =0.3 | |
| Cabextract | =0.4 | |
| Cabextract | =0.5 | |
| Cabextract | =0.6 | |
| Cabextract | =1.0 | |
| Cabextract | =1.1 |
Remedy
http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.vupen.com/english/advisories/2010/1997
- http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113
- http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118
- http://www.debian.org/security/2010/dsa-2087
- http://marc.info/?l=oss-security&m=128077976522470&w=2
- http://www.cabextract.org.uk/#changes
- http://www.vupen.com/english/advisories/2010/1903
- http://www.securityfocus.com/bid/42173
- http://bugs.gentoo.org/show_bug.cgi?id=329891
- https://bugzilla.redhat.com/show_bug.cgi?id=620454
- http://marc.info/?l=oss-security&m=128076168623266&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60891
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=620457
- https://access.redhat.com/security/cve/CVE-2010-2801
Frequently Asked Questions
What is the severity of CVE-2010-2801?
CVE-2010-2801 is classified as a moderate severity vulnerability due to the potential for application crashes.
How do I fix CVE-2010-2801?
To mitigate CVE-2010-2801, users should upgrade to a version of cabextract later than 1.2.
What causes the vulnerability in CVE-2010-2801?
CVE-2010-2801 is caused by an integer wrap-around flaw when processing certain specially-crafted Cabinet archive files.
Who is affected by CVE-2010-2801?
CVE-2010-2801 affects users of cabextract versions 0.1 to 1.2.
What type of attack is possible with CVE-2010-2801?
An attacker could use CVE-2010-2801 to craft a malicious cabinet file that, when opened, results in a crash of the cabextract executable.
- collector/redhat-bugzilla
- alias/CVE-2010-2801
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/event
- agent/severity
- agent/author
- agent/weakness
- agent/description
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/softwarecombine
- vendor/cabextract project
- canonical/cabextract
- version/cabextract/1.2
- version/cabextract/0.1
- version/cabextract/0.2
- version/cabextract/0.3
- version/cabextract/0.4
- version/cabextract/0.5
- version/cabextract/0.6
- version/cabextract/1.0
- version/cabextract/1.1