Unrated severityNVD Advisory· Published Aug 9, 2010· Updated Apr 29, 2026

CVE-2010-2800

Description

The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library.

Affected products

Cabextract Project/Cabextract9 versions
cpe:2.3:a:cabextract_project:cabextract:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:cabextract_project:cabextract:*:*:*:*:*:*:*:*range: <=1.2
- cpe:2.3:a:cabextract_project:cabextract:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cabextract_project:cabextract:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cabextract_project:cabextract:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cabextract_project:cabextract:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:cabextract_project:cabextract:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:cabextract_project:cabextract:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:cabextract_project:cabextract:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cabextract_project:cabextract:1.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

libmspack.svn.sourceforge.net/viewvc/libmspacknvdPatch
libmspack.svn.sourceforge.net/viewvc/libmspacknvdPatch
www.cabextract.org.uknvdPatch
www.vupen.com/english/advisories/2010/1903nvdPatchVendor Advisory
bugs.gentoo.org/show_bug.cginvd
marc.infonvd
marc.infonvd
bugzilla.redhat.com/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000