NVD Vulnerability Detail

CVE-2010-0098

Summary	ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.
Publication Date	April 9, 2010, 2:30 a.m.
Registration Date	Jan. 29, 2021, 10:55 a.m.
Last Update	Nov. 7, 2023, 11:04 a.m.

CVSS2.0 : HIGH
Score	10.0
Vector	AV:N/AC:L/Au:N/C:C/I:C/A:C
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:clamav:clamav:0.95.2:::::::*
cpe:2.3:a:clamav:clamav:0.86.2:::::::*
cpe:2.3:a:clamav:clamav:0.88.5:::::::*
cpe:2.3:a:clamav:clamav:0.02:::::::*
cpe:2.3:a:clamav:clamav:0.92:::::::*
cpe:2.3:a:clamav:clamav:0.95:rc2::::::
cpe:2.3:a:clamav:clamav:0.15:::::::*
cpe:2.3:a:clamav:clamav:0.90:rc2::::::
cpe:2.3:a:clamav:clamav:0.75.1:::::::*
cpe:2.3:a:clamav:clamav:0.65:::::::*
cpe:2.3:a:clamav:clamav:0.88.7:::::::*
cpe:2.3:a:clamav:clamav:0.81:::::::*
cpe:2.3:a:clamav:clamav:0.86:::::::*
cpe:2.3:a:clamav:clamav:0.01:::::::*
cpe:2.3:a:clamav:clamav:0.85:::::::*
cpe:2.3:a:clamav:clamav:0.84:::::::*
cpe:2.3:a:clamav:clamav:0.3:::::::*
cpe:2.3:a:clamav:clamav:0.93.1:::::::*
cpe:2.3:a:clamavs:clamav:0.04:::::::*
cpe:2.3:a:clamav:clamav:0.90:rc1.1::::::
cpe:2.3:a:clamav:clamav:0.95.1:::::::*
cpe:2.3:a:clamav:clamav:0.93:::::::*
cpe:2.3:a:clamav:clamav:0.90:::::::*
cpe:2.3:a:clamav:clamav:0.70:rc::::::
cpe:2.3:a:clamav:clamav:0.86:rc1::::::
cpe:2.3:a:clamav:clamav:0.68.1:::::::*
cpe:2.3:a:clamav:clamav:0.03:::::::*
cpe:2.3:a:clamav:clamav:0.87.1:::::::*
cpe:2.3:a:clamav:clamav:0.9:rc1::::::
cpe:2.3:a:clamav:clamav:0.74:::::::*
cpe:2.3:a:clamav:clamav:0.93.3:::::::*
cpe:2.3:a:clamav:clamav:0.88:::::::*
cpe:2.3:a:clamav:clamav:0.91:rc1::::::
cpe:2.3:a:clamav:clamav:0.86.1:::::::*
cpe:2.3:a:clamav:clamav:0.71:::::::*
cpe:2.3:a:clamav:clamav:0.88.1:::::::*
cpe:2.3:a:clamav:clamav:0.60p:::::::*
cpe:2.3:a:clamav:clamav:0.94:::::::*
cpe:2.3:a:clamav:clamav:0.80:rc::::::
cpe:2.3:a:clamav:clamav:0.91.2:::::::*
cpe:2.3:a:clamav:clamav:0.90.3:::::::*
cpe:2.3:a:clamav:clamav:0.85.1:::::::*
cpe:2.3:a:clamav:clamav:0.90:rc1::::::
cpe:2.3:a:clamav:clamav:0.13:::::::*
cpe:2.3:a:clamav:clamav:0.10:::::::*
cpe:2.3:a:clamav:clamav:0.94.2:::::::*
cpe:2.3:a:clamav:clamav:0.80:rc3::::::
cpe:2.3:a:clamav:clamav:0.12:::::::*
cpe:2.3:a:clamav:clamav:0.23:::::::*
cpe:2.3:a:clamav:clamav:0.84:rc1::::::
cpe:2.3:a:clamav:clamav:0.80:rc2::::::
cpe:2.3:a:clamav:clamav:0.95:::::::*
cpe:2.3:a:clamav:clamav:0.60:::::::*
cpe:2.3:a:clamav:clamav:0.88.2:::::::*
cpe:2.3:a:clamav:clamav:0.83:::::::*
cpe:2.3:a:clamav:clamav:0.20:::::::*
cpe:2.3:a:clamav:clamav:0.80:rc4::::::
cpe:2.3:a:clamav:clamav:0.90:rc3::::::
cpe:2.3:a:clamav:clamav:0.70:::::::*
cpe:2.3:a:clamav:clamav:0.88.4:::::::*
cpe:2.3:a:clamav:clamav:0.14:::::::*
cpe:2.3:a:clamav:clamav:0.24:::::::*
cpe:2.3:a:clamav:clamav:0.66:::::::*
cpe:2.3:a:clamav:clamav:0.51:::::::*
cpe:2.3:a:clamav:clamav:0.52:::::::*
cpe:2.3:a:clamav:clamav:0.22:::::::*
cpe:2.3:a:clamav:clamav:0.72:::::::*
cpe:2.3:a:clamav:clamav:0.95:rc1::::::
cpe:2.3:a:clamavs:clamav:0.06:::::::*
cpe:2.3:a:clamav:clamav:0.91:rc2::::::
cpe:2.3:a:clamav:clamav:0.75:::::::*
cpe:2.3:a:clamav:clamav:0.05:::::::*
cpe:2.3:a:clamav:clamav:0.91:::::::*
cpe:2.3:a:clamav:clamav:0.54:::::::*
cpe:2.3:a:clamav:clamav:0.96:rc1::::::
cpe:2.3:a:clamav:clamav:0.80:::::::*
cpe:2.3:a:clamav:clamav::rc2::::::*		0.96
cpe:2.3:a:clamav:clamav:0.87:::::::*
cpe:2.3:a:clamav:clamav:0.21:::::::*
cpe:2.3:a:clamav:clamav:0.84:rc2::::::
cpe:2.3:a:clamav:clamav:0.67-1:::::::*
cpe:2.3:a:clamav:clamav:0.14:pre::::::
cpe:2.3:a:clamav:clamav:0.90.1:::::::*
cpe:2.3:a:clamav:clamav:0.91.1:::::::*
cpe:2.3:a:clamav:clamav:0.95.3:::::::*
cpe:2.3:a:clamav:clamav:0.88.3:::::::*
cpe:2.3:a:clamav:clamav:0.67:::::::*
cpe:2.3:a:clamav:clamav:0.92.1:::::::*
cpe:2.3:a:clamav:clamav:0.90.2:::::::*
cpe:2.3:a:clamav:clamav:0.68:::::::*
cpe:2.3:a:clamav:clamav:0.53:::::::*
cpe:2.3:a:clamav:clamav:0.93.2:::::::*
cpe:2.3:a:clamav:clamav:0.88.6:::::::*
cpe:2.3:a:clamav:clamav:0.94.1:::::::*
cpe:2.3:a:clamav:clamav:0.82:::::::*
cpe:2.3:a:clamav:clamav:0.73:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://secunia.com/advisories/39329	SECUNIA	Vendor Advisory
2	https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1826	CONFIRM
3	http://www.securityfocus.com/bid/39262	BID	Patch
4	http://www.vupen.com/english/advisories/2010/0827	VUPEN
5	http://secunia.com/advisories/39293	SECUNIA
6	http://www.vupen.com/english/advisories/2010/0832	VUPEN
7	http://www.ubuntu.com/usn/USN-926-1	UBUNTU
8	http://www.vupen.com/english/advisories/2010/0909	VUPEN
9	http://www.mandriva.com/security/advisories?name=MDVSA-2010:082	MANDRIVA
10	http://www.vupen.com/english/advisories/2010/1001	VUPEN
11	http://secunia.com/advisories/39656	SECUNIA
12	http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html	SUSE
13	http://www.vupen.com/english/advisories/2010/1206	VUPEN
14	http://www.openwall.com/lists/oss-security/2010/04/08/3	MLIST
15	http://www.openwall.com/lists/oss-security/2010/04/06/4	MLIST
16	http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html	APPLE
17	http://support.apple.com/kb/HT4312	CONFIRM
18	http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96

Common Vulnerabilities List

JVN Vulnerability Information

複数のアンチウィルス製品に脆弱性

Title	複数のアンチウィルス製品に脆弱性
Summary	複数のアンチウィルス製品が影響を受ける可能性があります。詳しくは各ベンダおよび CERT-FI が提供する情報をご確認ください。複数のアンチウィルス製品には、圧縮アーカイブの処理に問題があり、悪意あるファイルが同梱されていることを検知できない脆弱性が存在します。本件は、アンチウイルス製品の脆弱性であり、圧縮アーカイバ製品や圧縮形式の脆弱性ではありません。なお、CERT-FI のアドバイザリには、発見者が本脆弱性を発見した際に調査を行った圧縮形式として、ZIP、CAB、GZIP、7Z および RAR が記載されていますが、これら 5 形式のみならず LZH や ACE など、他の圧縮形式でも同じ問題が発生する可能性があります。
Possible impacts	悪意あるファイルが細工された圧縮アーカイブに同梱されることで、アンチウィルス製品が提供する検知機能を迂回される可能性があります。
Solution	[アップデートする] 各ベンダが提供する情報をもとに最新版にアップデートしてください。
Publication Date	April 13, 2010, midnight
Registration Date	May 10, 2010, 7:08 p.m.
Last Update	Sept. 8, 2010, 3:50 p.m.

Affected System

アップル

Apple Mac OS X Server v10.5.8

Apple Mac OS X Server v10.6.4

ソースネクスト

ウイルスセキュリティ 10.0.0057 未満

ウイルスセキュリティ 9.30.0537 未満

ウイルスセキュリティZERO 10.0.0057 未満

ウイルスセキュリティZERO 9.30.0537 未満

ClamAV

ClamAV 0.96 未満

ESET

ESET NOD32アンチウイルス V3.0

ESET NOD32アンチウイルス V4.0

ESET Smart Security V3.0

ESET Smart Security V4.0

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-0098	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098
National Vulnerability Database (NVD)
2	CVE-2010-0098	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0098

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	Name	URL
Apple Security Updates
1	HT4312	http://support.apple.com/kb/HT4312
Apple セキュリティアップデート
2	HT4312	http://support.apple.com/kb/HT4312?viewlocale=ja_JP
ClamAV
3	Bug 1826	https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1826
ESET
4	Top Page	http://www.eset.com/
「ウイルスセキュリティ」の脆弱性情報について
5	圧縮アーカイブの処理に関する脆弱性（2010/04/13）	http://sec.sourcenext.info/support/bulletin.html
キヤノンITソリューションズ
6	notify20100401	http://canon-its.jp/supp/eset/notify20100401.html

その他

No	Name	URL
CERT-FI
1	CERT-FI Advisory on Antivirus Signature Evasion Using Archive Files	http://www.cert.fi/en/reports/2010/vulnerability343848.html
JVN
2	JVNVU#545953	http://jvn.jp/cert/JVNVU545953/
Secunia Advisory
3	SA39329	http://secunia.com/advisories/39329
SecurityFocus
4	39262	http://www.securityfocus.com/bid/39262
VUPEN Security
5	VUPEN/ADV-2010-0827	http://www.vupen.com/english/advisories/2010/0827

Change Log

No	Changed Details	Date of change
0	[2010年05月10日] 掲載 [2010年07月15日] 概要：概要の情報を更新 [2010年09月08日] 影響を受けるシステム：アップル (HT4312) の情報を追加ベンダ情報：アップル (HT4312) を追加	Feb. 17, 2018, 10:37 a.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:clamav:clamav:0.95.2:::::::*
cpe:2.3:a:clamav:clamav:0.86.2:::::::*
cpe:2.3:a:clamav:clamav:0.88.5:::::::*
cpe:2.3:a:clamav:clamav:0.02:::::::*
cpe:2.3:a:clamav:clamav:0.92:::::::*
cpe:2.3:a:clamav:clamav:0.95:rc2::::::
cpe:2.3:a:clamav:clamav:0.15:::::::*
cpe:2.3:a:clamav:clamav:0.90:rc2::::::
cpe:2.3:a:clamav:clamav:0.75.1:::::::*
cpe:2.3:a:clamav:clamav:0.65:::::::*
cpe:2.3:a:clamav:clamav:0.88.7:::::::*
cpe:2.3:a:clamav:clamav:0.81:::::::*
cpe:2.3:a:clamav:clamav:0.86:::::::*
cpe:2.3:a:clamav:clamav:0.01:::::::*
cpe:2.3:a:clamav:clamav:0.85:::::::*
cpe:2.3:a:clamav:clamav:0.84:::::::*
cpe:2.3:a:clamav:clamav:0.3:::::::*
cpe:2.3:a:clamav:clamav:0.93.1:::::::*
cpe:2.3:a:clamavs:clamav:0.04:::::::*
cpe:2.3:a:clamav:clamav:0.90:rc1.1::::::
cpe:2.3:a:clamav:clamav:0.95.1:::::::*
cpe:2.3:a:clamav:clamav:0.93:::::::*
cpe:2.3:a:clamav:clamav:0.90:::::::*
cpe:2.3:a:clamav:clamav:0.70:rc::::::
cpe:2.3:a:clamav:clamav:0.86:rc1::::::
cpe:2.3:a:clamav:clamav:0.68.1:::::::*
cpe:2.3:a:clamav:clamav:0.03:::::::*
cpe:2.3:a:clamav:clamav:0.87.1:::::::*
cpe:2.3:a:clamav:clamav:0.9:rc1::::::
cpe:2.3:a:clamav:clamav:0.74:::::::*
cpe:2.3:a:clamav:clamav:0.93.3:::::::*
cpe:2.3:a:clamav:clamav:0.88:::::::*
cpe:2.3:a:clamav:clamav:0.91:rc1::::::
cpe:2.3:a:clamav:clamav:0.86.1:::::::*
cpe:2.3:a:clamav:clamav:0.71:::::::*
cpe:2.3:a:clamav:clamav:0.88.1:::::::*
cpe:2.3:a:clamav:clamav:0.60p:::::::*
cpe:2.3:a:clamav:clamav:0.94:::::::*
cpe:2.3:a:clamav:clamav:0.80:rc::::::
cpe:2.3:a:clamav:clamav:0.91.2:::::::*
cpe:2.3:a:clamav:clamav:0.90.3:::::::*
cpe:2.3:a:clamav:clamav:0.85.1:::::::*
cpe:2.3:a:clamav:clamav:0.90:rc1::::::
cpe:2.3:a:clamav:clamav:0.13:::::::*
cpe:2.3:a:clamav:clamav:0.10:::::::*
cpe:2.3:a:clamav:clamav:0.94.2:::::::*
cpe:2.3:a:clamav:clamav:0.80:rc3::::::
cpe:2.3:a:clamav:clamav:0.12:::::::*
cpe:2.3:a:clamav:clamav:0.23:::::::*
cpe:2.3:a:clamav:clamav:0.84:rc1::::::
cpe:2.3:a:clamav:clamav:0.80:rc2::::::
cpe:2.3:a:clamav:clamav:0.95:::::::*
cpe:2.3:a:clamav:clamav:0.60:::::::*
cpe:2.3:a:clamav:clamav:0.88.2:::::::*
cpe:2.3:a:clamav:clamav:0.83:::::::*
cpe:2.3:a:clamav:clamav:0.20:::::::*
cpe:2.3:a:clamav:clamav:0.80:rc4::::::
cpe:2.3:a:clamav:clamav:0.90:rc3::::::
cpe:2.3:a:clamav:clamav:0.70:::::::*
cpe:2.3:a:clamav:clamav:0.88.4:::::::*
cpe:2.3:a:clamav:clamav:0.14:::::::*
cpe:2.3:a:clamav:clamav:0.24:::::::*
cpe:2.3:a:clamav:clamav:0.66:::::::*
cpe:2.3:a:clamav:clamav:0.51:::::::*
cpe:2.3:a:clamav:clamav:0.52:::::::*
cpe:2.3:a:clamav:clamav:0.22:::::::*
cpe:2.3:a:clamav:clamav:0.72:::::::*
cpe:2.3:a:clamav:clamav:0.95:rc1::::::
cpe:2.3:a:clamavs:clamav:0.06:::::::*
cpe:2.3:a:clamav:clamav:0.91:rc2::::::
cpe:2.3:a:clamav:clamav:0.75:::::::*
cpe:2.3:a:clamav:clamav:0.05:::::::*
cpe:2.3:a:clamav:clamav:0.91:::::::*
cpe:2.3:a:clamav:clamav:0.54:::::::*
cpe:2.3:a:clamav:clamav:0.96:rc1::::::
cpe:2.3:a:clamav:clamav:0.80:::::::*
cpe:2.3:a:clamav:clamav::rc2::::::*		0.96
cpe:2.3:a:clamav:clamav:0.87:::::::*
cpe:2.3:a:clamav:clamav:0.21:::::::*
cpe:2.3:a:clamav:clamav:0.84:rc2::::::
cpe:2.3:a:clamav:clamav:0.67-1:::::::*
cpe:2.3:a:clamav:clamav:0.14:pre::::::
cpe:2.3:a:clamav:clamav:0.90.1:::::::*
cpe:2.3:a:clamav:clamav:0.91.1:::::::*
cpe:2.3:a:clamav:clamav:0.95.3:::::::*
cpe:2.3:a:clamav:clamav:0.88.3:::::::*
cpe:2.3:a:clamav:clamav:0.67:::::::*
cpe:2.3:a:clamav:clamav:0.92.1:::::::*
cpe:2.3:a:clamav:clamav:0.90.2:::::::*
cpe:2.3:a:clamav:clamav:0.68:::::::*
cpe:2.3:a:clamav:clamav:0.53:::::::*
cpe:2.3:a:clamav:clamav:0.93.2:::::::*
cpe:2.3:a:clamav:clamav:0.88.6:::::::*
cpe:2.3:a:clamav:clamav:0.94.1:::::::*
cpe:2.3:a:clamav:clamav:0.82:::::::*
cpe:2.3:a:clamav:clamav:0.73:::::::*