Lucene search
HistoryJun 11, 2015 - 2:59 p.m.
CVE-2015-4471
cve-2015-4471
buffer under-read
application crash
denial of service
remote attackers
libmspack
lzxd_decompress
cab archive
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.4 Medium
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.6%
Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive.
Affected configurations
Node
libmspack_projectlibmspackRange≤0.4-3
| CPE | Name | Operator | Version |
|---|---|---|---|
| libmspack_project:libmspack | libmspack project libmspack | le | 0.4-3 |
Related
nvd
nvd
CVE-2015-4471
2015-06-11 14:59:06
cvelist
cvelist
CVE-2015-4471
2015-06-11 14:00:00
ubuntucve
ubuntucve
CVE-2015-4471
2015-06-11 00:00:00
debiancve
debiancve
CVE-2015-4471
2015-06-11 14:59:06
prion
prion
Design/Logic Flaw
2015-06-11 14:59:00
nessus
nessus
SUSE SLED11 Security Update : cabextract (SUSE-SU-2015:2131-1)
2015-12-01 00:00:00
SUSE SLED11 / SLES11 Security Update : libmspack (SUSE-SU-2015:2215-1)
2015-12-09 00:00:00
SUSE SLED12 / SLES12 Security Update : libmspack (SUSE-SU-2016:0011-1)
2016-01-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:2215-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:0011-1)
2021-04-19 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.4 Medium
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.6%
Related for CVE-2015-4471