Security Advisory

CVE-2010-2801

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-08-06 19:31:00

Last updated 2024-08-07 02:46:48

Assigner redhat

State PUBLISHED

Description

Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.

← Browse all CVEs View on cve.org ↗