CVE-2010-0098 Information

Feb 14, 2021 cve

Description

ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.

Reference

http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96 http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html http://secunia.com/advisories/39293 http://secunia.com/advisories/39329 http://secunia.com/advisories/39656 http://support.apple.com/kb/HT4312 http://www.mandriva.com/security/advisories?name=MDVSA-2010:082 http://www.openwall.com/lists/oss-security/2010/04/06/4 http://www.openwall.com/lists/oss-security/2010/04/08/3 http://www.securityfocus.com/bid/39262 http://www.ubuntu.com/usn/USN-926-1 http://www.vupen.com/english/advisories/2010/0827 http://www.vupen.com/english/advisories/2010/0832 http://www.vupen.com/english/advisories/2010/0909 http://www.vupen.com/english/advisories/2010/1001 http://www.vupen.com/english/advisories/2010/1206 https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1826

Share on: