Executive Summary

Informations
NameCVE-2010-1311First vendor Publication2010-04-08
VendorCveLast vendor Modification2010-08-31

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311

CWE : Common Weakness Enumeration

idName
CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application94
Application2

OpenVAS Exploits

DateDescription
2011-03-09Name : Gentoo Security Advisory GLSA 201009-06 (clamav)
File : nvt/glsa_201009_06.nasl
2010-05-28Name : Mandriva Update for clamav MDVSA-2010:082-1 (clamav)
File : nvt/gb_mandriva_MDVSA_2010_082_1.nasl
2010-04-19Name : Mandriva Update for clamav MDVSA-2010:082 (clamav)
File : nvt/gb_mandriva_MDVSA_2010_082.nasl
2010-04-13Name : ClamAV Security Bypass And Memory Corruption Vulnerabilities (Win)
File : nvt/gb_clamav_sec_bypass_n_mem_corr_vuln_win.nasl
2010-04-09Name : Ubuntu Update for clamav vulnerabilities USN-926-1
File : nvt/gb_ubuntu_USN_926_1.nasl
2010-03-02Name : Mandriva Update for drakxtools MDVA-2010:082 (drakxtools)
File : nvt/gb_mandriva_MDVA_2010_082.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
63818ClamAV libclamav/mspack.c qtm_decompress Function Crafted CAB Archive DoS

Nessus® Vulnerability Scanner

DateDescription
2010-12-02Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_clamav-100414.nasl - Type : ACT_GATHER_INFO
2010-10-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_clamav-6990.nasl - Type : ACT_GATHER_INFO
2010-09-08Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201009-06.nasl - Type : ACT_GATHER_INFO
2010-08-24Name : The remote host is missing a Mac OS X update that fixes security issues.
File : macosx_SecUpd2010-005.nasl - Type : ACT_GATHER_INFO
2010-04-28Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12610.nasl - Type : ACT_GATHER_INFO
2010-04-26Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_clamav-6983.nasl - Type : ACT_GATHER_INFO
2010-04-19Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-082.nasl - Type : ACT_GATHER_INFO
2010-04-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-926-1.nasl - Type : ACT_GATHER_INFO
2010-04-07Name : The remote antivirus service is vulnerable to a file scan evasion attack.
File : clamav_0_96.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
APPLEhttp://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
BIDhttp://www.securityfocus.com/bid/39262
CONFIRMhttp://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=c...
http://support.apple.com/kb/HT4312
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1771
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:082
SECUNIAhttp://secunia.com/advisories/39293
http://secunia.com/advisories/39329
http://secunia.com/advisories/39656
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html
UBUNTUhttp://www.ubuntu.com/usn/USN-926-1
VUPENhttp://www.vupen.com/english/advisories/2010/0827
http://www.vupen.com/english/advisories/2010/0832
http://www.vupen.com/english/advisories/2010/0909
http://www.vupen.com/english/advisories/2010/1001
http://www.vupen.com/english/advisories/2010/1206

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:54:43
  • Multiple Updates
2013-05-10 23:22:03
  • Multiple Updates