CVE-2010-1311

CVSS 5.0 - MEDIUM
Description

The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information.

Affected Products
50 of 96
Vendor Product Version
clamav clamav All versions
clamav clamav 0.01
clamav clamav 0.02
clamav clamav 0.3
clamav clamav 0.03
clamav clamav 0.05
clamav clamav 0.9
clamav clamav 0.10
clamav clamav 0.12
clamav clamav 0.13
clamav clamav 0.14
clamav clamav 0.14
clamav clamav 0.15
clamav clamav 0.20
clamav clamav 0.21
clamav clamav 0.22
clamav clamav 0.23
clamav clamav 0.24
clamav clamav 0.51
clamav clamav 0.52
clamav clamav 0.53
clamav clamav 0.54
clamav clamav 0.60
clamav clamav 0.60p
clamav clamav 0.65
clamav clamav 0.66
clamav clamav 0.67
clamav clamav 0.67-1
clamav clamav 0.68
clamav clamav 0.68.1
clamav clamav 0.70
clamav clamav 0.70
clamav clamav 0.71
clamav clamav 0.72
clamav clamav 0.73
clamav clamav 0.74
clamav clamav 0.75
clamav clamav 0.75.1
clamav clamav 0.80
clamav clamav 0.80
clamav clamav 0.80
clamav clamav 0.80
clamav clamav 0.80
clamav clamav 0.81
clamav clamav 0.82
clamav clamav 0.83
clamav clamav 0.84
clamav clamav 0.84
clamav clamav 0.84
clamav clamav 0.85
Showing first 50 of 96 affected products.
References
http://git.clamav.net/gitweb?p=clamav-devel.git%3B...
http://lists.apple.com/archives/security-announce/...
http://lists.opensuse.org/opensuse-security-announ...
http://secunia.com/advisories/39293
http://secunia.com/advisories/39329
http://secunia.com/advisories/39656
http://support.apple.com/kb/HT4312
http://www.mandriva.com/security/advisories?name=M...
http://www.securityfocus.com/bid/39262
http://www.ubuntu.com/usn/USN-926-1
http://www.vupen.com/english/advisories/2010/0827
http://www.vupen.com/english/advisories/2010/0832
http://www.vupen.com/english/advisories/2010/0909
http://www.vupen.com/english/advisories/2010/1001
http://www.vupen.com/english/advisories/2010/1206
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1...
http://git.clamav.net/gitweb?p=clamav-devel.git%3B...
http://lists.apple.com/archives/security-announce/...
http://lists.opensuse.org/opensuse-security-announ...
http://secunia.com/advisories/39293
Weakness Types
CWE-20
CVE Information
CVE ID:
CVE-2010-1311
Published:
2010-04-08
Modified:
2026-04-29
CVSS Score:
5.0
Severity:
MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
Affected Vendors
clamav clamavs
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL