CVE-2010-0098

Executive Summary

Informations
Name	CVE-2010-0098	First vendor Publication	2010-04-08
Vendor	Cve	Last vendor Modification	2010-08-31

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098

CPE : Common Platform Enumeration

Type	Description	Count
Application	Clamav Clamav cpe:/a:clamav:clamav:0.96:rc1 cpe:/a:clamav:clamav:0.96:rc2 cpe:/a:clamav:clamav:0.95.3 cpe:/a:clamav:clamav:0.95.2 cpe:/a:clamav:clamav:0.95.1 cpe:/a:clamav:clamav:0.95 cpe:/a:clamav:clamav:0.95:rc2 cpe:/a:clamav:clamav:0.95:rc1 cpe:/a:clamav:clamav:0.94.2 cpe:/a:clamav:clamav:0.94.1 cpe:/a:clamav:clamav:0.94 cpe:/a:clamav:clamav:0.93.3 cpe:/a:clamav:clamav:0.93.2 cpe:/a:clamav:clamav:0.93.1 cpe:/a:clamav:clamav:0.93 cpe:/a:clamav:clamav:0.92.1 cpe:/a:clamav:clamav:0.92 cpe:/a:clamav:clamav:0.91.2 cpe:/a:clamav:clamav:0.91.1 cpe:/a:clamav:clamav:0.91:rc2 cpe:/a:clamav:clamav:0.91:rc1 cpe:/a:clamav:clamav:0.91 cpe:/a:clamav:clamav:0.90.3 cpe:/a:clamav:clamav:0.90.2 cpe:/a:clamav:clamav:0.90.1 cpe:/a:clamav:clamav:0.90:rc1 cpe:/a:clamav:clamav:0.90:rc2 cpe:/a:clamav:clamav:0.90:rc1.1 cpe:/a:clamav:clamav:0.90:rc3 cpe:/a:clamav:clamav:0.90 cpe:/a:clamav:clamav:0.9:rc1 cpe:/a:clamav:clamav:0.88.7 cpe:/a:clamav:clamav:0.88.6 cpe:/a:clamav:clamav:0.88.5 cpe:/a:clamav:clamav:0.88.4 cpe:/a:clamav:clamav:0.88.3 cpe:/a:clamav:clamav:0.88.2 cpe:/a:clamav:clamav:0.88.1 cpe:/a:clamav:clamav:0.88 cpe:/a:clamav:clamav:0.87.1 cpe:/a:clamav:clamav:0.87 cpe:/a:clamav:clamav:0.86.2 cpe:/a:clamav:clamav:0.86.1 cpe:/a:clamav:clamav:0.86 cpe:/a:clamav:clamav:0.86:rc1 cpe:/a:clamav:clamav:0.85.1 cpe:/a:clamav:clamav:0.85 cpe:/a:clamav:clamav:0.84:rc2 cpe:/a:clamav:clamav:0.84:rc1 cpe:/a:clamav:clamav:0.84 cpe:/a:clamav:clamav:0.83 cpe:/a:clamav:clamav:0.82 cpe:/a:clamav:clamav:0.81 cpe:/a:clamav:clamav:0.80:rc2 cpe:/a:clamav:clamav:0.80:rc cpe:/a:clamav:clamav:0.80:rc4 cpe:/a:clamav:clamav:0.80:rc3 cpe:/a:clamav:clamav:0.80 cpe:/a:clamav:clamav:0.75.1 cpe:/a:clamav:clamav:0.75 cpe:/a:clamav:clamav:0.74 cpe:/a:clamav:clamav:0.73 cpe:/a:clamav:clamav:0.72 cpe:/a:clamav:clamav:0.71 cpe:/a:clamav:clamav:0.70 cpe:/a:clamav:clamav:0.70:rc cpe:/a:clamav:clamav:0.68.1 cpe:/a:clamav:clamav:0.68 cpe:/a:clamav:clamav:0.67-1 cpe:/a:clamav:clamav:0.67 cpe:/a:clamav:clamav:0.66 cpe:/a:clamav:clamav:0.65 cpe:/a:clamav:clamav:0.60p cpe:/a:clamav:clamav:0.60 cpe:/a:clamav:clamav:0.54 cpe:/a:clamav:clamav:0.53 cpe:/a:clamav:clamav:0.52 cpe:/a:clamav:clamav:0.51 cpe:/a:clamav:clamav:0.3 cpe:/a:clamav:clamav:0.24 cpe:/a:clamav:clamav:0.23 cpe:/a:clamav:clamav:0.22 cpe:/a:clamav:clamav:0.21 cpe:/a:clamav:clamav:0.20 cpe:/a:clamav:clamav:0.15 cpe:/a:clamav:clamav:0.14 cpe:/a:clamav:clamav:0.14:pre cpe:/a:clamav:clamav:0.13 cpe:/a:clamav:clamav:0.12 cpe:/a:clamav:clamav:0.10 cpe:/a:clamav:clamav:0.05 cpe:/a:clamav:clamav:0.03 cpe:/a:clamav:clamav:0.02 cpe:/a:clamav:clamav:0.01	94
Application	Clamavs Clamav cpe:/a:clamavs:clamav:0.06 cpe:/a:clamavs:clamav:0.04	2

Open Source Vulnerability Database (OSVDB)

id	Description
63861	ClamAV Malformed CAB File Scanning Bypass

Internal Sources (Detail)

Source	Url
APPLE	http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
BID	http://www.securityfocus.com/bid/39262
CONFIRM	http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=c... http://support.apple.com/kb/HT4312 https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1826
MANDRIVA	http://www.mandriva.com/security/advisories?name=MDVSA-2010:082
MLIST	http://www.openwall.com/lists/oss-security/2010/04/06/4 http://www.openwall.com/lists/oss-security/2010/04/08/3
SECUNIA	http://secunia.com/advisories/39293 http://secunia.com/advisories/39329 http://secunia.com/advisories/39656
SUSE	http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html
UBUNTU	http://www.ubuntu.com/usn/USN-926-1
VUPEN	http://www.vupen.com/english/advisories/2010/0827 http://www.vupen.com/english/advisories/2010/0832 http://www.vupen.com/english/advisories/2010/0909 http://www.vupen.com/english/advisories/2010/1001 http://www.vupen.com/english/advisories/2010/1206

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-10 23:16:02	Multiple Updates

Type	Count
CPE ID(s)	96
osvdb(s)	1

Related	Severity
USN-926-1	(Critical)
MDVSA-2010:082-1	(Critical)
MDVSA-2010:082	(Critical)
GLSA-201009-06	(Critical)

Same Subject	Severity
Login to view 3 more Alert(s)

CVE-2010-0098

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Internal Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU