oss-sec mailing list archives
Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode
From: Josh Bressers <bressers () redhat com>
Date: Mon, 2 Aug 2010 16:08:58 -0400 (EDT)
----- "Jan Lieskovsky" <jlieskov () redhat com> wrote:
Hi Steve, vendors, two security issues have been reported against cabextract: 1, Infinite loop in MS-ZIP and Quantum decoders (minor issue): A deficiency has been reported in the way cabextract extracted certain Cabinet (*.cab) files, using the MZ-ZIP and Quantum decompressors. If a local user was tricked into opening a specially-crafted *.cab file, it could lead to infinite loop.
CVE-2010-2800
2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode An integer wrap-around flaw has been reported in the way cabextract processed certain Cabinet (*.cab) archive files. If a local user was tricked into opening a specially-crafted *.cab archive in test archive mode, it could lead to cabextract executable crash.
CVE-2010-2801 Thanks. -- JB
Current thread:
- CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode Jan Lieskovsky (Aug 02)
- <Possible follow-ups>
- Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode Josh Bressers (Aug 02)