Computer Security
[EN] securityvulns.ru no-pyccku


cabextract code execution
Published:05.08.2010
Source:
SecurityVulns ID:11036
Type:local
Threat Level:
4/10
Affected:CABEXTRACT : cabextract 1.2
CVE:CVE-2010-2801 (Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2087-1] New cabextract packages fix arbitrary code execution (05.08.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod