Candidate: CVE-2010-2800
PublicDate: 2010-08-09 11:58:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2800
 http://www.vupen.com/english/advisories/2010/1903
Description:
 The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to
 cause a denial of service (infinite loop) via a malformed MSZIP archive in
 a .cab file during a (1) test or (2) extract action, related to the
 libmspack library.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/cabextract/+bug/609708
 http://bugs.gentoo.org/show_bug.cgi?id=329891
 https://bugzilla.redhat.com/show_bug.cgi?id=620450
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_cabextract:
 upstream: http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=90
 upstream: http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=95
upstream_cabextract: released (1.3)
dapper_cabextract: ignored (reached end-of-life)
hardy_cabextract: ignored (reached end-of-life)
jaunty_cabextract: ignored (reached end-of-life)
karmic_cabextract: ignored (reached end-of-life)
lucid_cabextract: ignored (reached end-of-life)
maverick_cabextract: not-affected (1.3-1)
natty_cabextract: not-affected (1.3-1)
oneiric_cabextract: not-affected (1.3-1)
precise_cabextract: not-affected (1.3-1)
quantal_cabextract: not-affected (1.3-1)
raring_cabextract: not-affected (1.3-1)
saucy_cabextract: not-affected (1.3-1)
devel_cabextract: not-affected (1.3-1)