Your submission was sent successfully! Close

CVE-2010-1311

Published: 9 April 2010

The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information.

Priority

Medium

Status

Package Release Status
clamav
Launchpad, Ubuntu, Debian
dapper
Released (0.95.3+dfsg-1ubuntu0.09.04~dapper3)
hardy
Released (0.95.3+dfsg-1ubuntu0.09.04~hardy2.3)
intrepid
Released (0.95.3+dfsg-1ubuntu0.09.04~intrepid3)
jaunty
Released (0.95.3+dfsg-1ubuntu0.09.04.1)
karmic
Released (0.95.3+dfsg-1ubuntu0.09.10.1)
upstream
Released (0.96)