CVE-2010-2801 - Vulnerability Details - OpenCVE

Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cabextract Project	Cabextract

Configuration 1 [-]

OR	cpe:2.3:a:cabextract_project:cabextract::::::::
	cpe:2.3:a:cabextract_project:cabextract:0.1:::::::*
	cpe:2.3:a:cabextract_project:cabextract:0.2:::::::*
	cpe:2.3:a:cabextract_project:cabextract:0.3:::::::*
	cpe:2.3:a:cabextract_project:cabextract:0.4:::::::*
	cpe:2.3:a:cabextract_project:cabextract:0.5:::::::*
	cpe:2.3:a:cabextract_project:cabextract:0.6:::::::*
	cpe:2.3:a:cabextract_project:cabextract:1.0:::::::*
	cpe:2.3:a:cabextract_project:cabextract:1.1:::::::*

No data.

References

Link	Providers
http://bugs.gentoo.org/show_bug.cgi?id=329891
http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113
http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118
http://marc.info/?l=oss-security&m=128076168623266&w=2
http://marc.info/?l=oss-security&m=128077976522470&w=2
http://www.cabextract.org.uk/#changes
http://www.debian.org/security/2010/dsa-2087
http://www.securityfocus.com/bid/42173
http://www.vupen.com/english/advisories/2010/1903
http://www.vupen.com/english/advisories/2010/1997
https://bugzilla.redhat.com/show_bug.cgi?id=620454
https://exchange.xforce.ibmcloud.com/vulnerabilities/60891

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-08-06T19:31:00

Updated: 2024-08-07T02:46:48.441Z

Reserved: 2010-07-22T00:00:00

Link: CVE-2010-2801

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2010-08-09T11:58:17.487

Modified: 2025-04-11T00:51:21.963

Link: CVE-2010-2801

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-07-23T00:00:00", "descriptions": [{"lang": "en", "value": "Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "ADV-2010-1903", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1903"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118"}, {"name": "[oss-security] 20100802 CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=128076168623266&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113"}, {"name": "[oss-security] 20100802 Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=128077976522470&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cabextract.org.uk/#changes"}, {"name": "DSA-2087", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2010/dsa-2087"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=329891"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=620454"}, {"name": "ADV-2010-1997", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1997"}, {"name": "cabextract-archive-code-execution(60891)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60891"}, {"name": "42173", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/42173"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:46:48.441Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2010-1903", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1903"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118"}, {"name": "[oss-security] 20100802 CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=128076168623266&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113"}, {"name": "[oss-security] 20100802 Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=128077976522470&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cabextract.org.uk/#changes"}, {"name": "DSA-2087", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2010/dsa-2087"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=329891"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=620454"}, {"name": "ADV-2010-1997", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1997"}, {"name": "cabextract-archive-code-execution(60891)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60891"}, {"name": "42173", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/42173"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2801", "datePublished": "2010-08-06T19:31:00", "dateReserved": "2010-07-22T00:00:00", "dateUpdated": "2024-08-07T02:46:48.441Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cabextract_project:cabextract:*:*:*:*:*:*:*:*", "matchCriteriaId": "33B40EA4-BB4F-4A35-973F-BA856014B2F1", "versionEndIncluding": "1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cabextract_project:cabextract:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7D7B9CCF-67F3-4DC5-9362-09EE3D0FD87F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cabextract_project:cabextract:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "924128C3-DE58-4B6A-A497-59B5D3D311DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cabextract_project:cabextract:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "24D2543F-BE6B-46FB-93E0-C0F9DEC4490D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cabextract_project:cabextract:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "4B596E7E-F51E-4DFF-A81F-21E4C3C81F63", "vulnerable": true}, {"criteria": "cpe:2.3:a:cabextract_project:cabextract:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "63BDBB7A-673E-412B-BE69-05672AA3050D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cabextract_project:cabextract:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "8D5EC4F7-C88D-4DBA-A371-58DF4E6344A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cabextract_project:cabextract:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "670769A1-4133-4834-94E0-BF5F3EF2FFF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cabextract_project:cabextract:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDBD05D3-31A4-4079-A9E2-2B7EF6403624", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library."}, {"lang": "es", "value": "Error de presencia de signo en el decompresor Quantum en cabextract anteriores a v1.3, cuando est\u00e1 activado el modo test, permite a atacantes remotos asistidos por usuarios, provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero Quatum modificado en un fichero .cab, relativo a la biblioteca libmspack.\r\n"}], "id": "CVE-2010-2801", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-08-09T11:58:17.487", "references": [{"source": "secalert@redhat.com", "url": "http://bugs.gentoo.org/show_bug.cgi?id=329891"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118"}, {"source": "secalert@redhat.com", "url": "http://marc.info/?l=oss-security&m=128076168623266&w=2"}, {"source": "secalert@redhat.com", "url": "http://marc.info/?l=oss-security&m=128077976522470&w=2"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.cabextract.org.uk/#changes"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2087"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/42173"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1903"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1997"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=620454"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60891"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=329891"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=128076168623266&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=128077976522470&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.cabextract.org.uk/#changes"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2087"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/42173"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1903"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1997"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=620454"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60891"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}