CVE-2010-0098
Published: 8 April 2010
ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.
Notes
Author | Note |
---|---|
jdstrand | scan bypass via crafted CAB files |
Priority
Status
Package | Release | Status |
---|---|---|
clamav Launchpad, Ubuntu, Debian |
upstream |
Released
(0.96)
|
dapper |
Released
(0.95.3+dfsg-1ubuntu0.09.04~dapper3)
|
|
hardy |
Released
(0.95.3+dfsg-1ubuntu0.09.04~hardy2.3)
|
|
intrepid |
Released
(0.95.3+dfsg-1ubuntu0.09.04~intrepid3)
|
|
jaunty |
Released
(0.95.3+dfsg-1ubuntu0.09.04.1)
|
|
karmic |
Released
(0.95.3+dfsg-1ubuntu0.09.10.1)
|
|
Patches: debdiff: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/553266 |