An integer wrap-around flaw has been reported in the way cabextract processed certain Cabinet (*.cab) archive files. If a local user was tricked into opening a specially-crafted *.cab archive in test archive mode, it could lead to cabextract executable crash. References: [1] http://bugs.gentoo.org/show_bug.cgi?id=329891 Upstream patches: [2] http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113 [3] http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118
This issue affects the versions of the cabextract package, as shipped with Fedora release of 12 and 13. Please fix.
Created cabextract tracking bugs for this issue Affects: fedora-all [bug 620457]
The CVE identifier of CVE-2010-2801 has been assigned to this.
cabextract (together with wine and openoffice.org per libmspack upstream) should use the system-wide libmspack library instead of an embedded copy