VYPR
Unrated severityNVD Advisory· Published Aug 9, 2010· Updated Jun 16, 2026

CVE-2010-2801

CVE-2010-2801

Description

Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • cpe:2.3:a:cabextract_project:cabextract:*:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:cabextract_project:cabextract:*:*:*:*:*:*:*:*range: <=1.2
    • cpe:2.3:a:cabextract_project:cabextract:0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:cabextract_project:cabextract:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:cabextract_project:cabextract:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:cabextract_project:cabextract:0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:cabextract_project:cabextract:0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:cabextract_project:cabextract:0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:cabextract_project:cabextract:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cabextract_project:cabextract:1.1:*:*:*:*:*:*:*
    • (no CPE)range: <1.3

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.