Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-9732HistoryJun 11, 2015 - 2:59 p.m.
CVE-2014-9732
2015-06-1114:59:00
Debian Security Bug Tracker
security-tracker.debian.org
5
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.025 Low
EPSS
Percentile
90.2%
The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB archive.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libmspack | < 0.5-1 | libmspack_0.5-1_all.deb |
| Debian | 11 | all | libmspack | < 0.5-1 | libmspack_0.5-1_all.deb |
| Debian | 999 | all | libmspack | < 0.5-1 | libmspack_0.5-1_all.deb |
| Debian | 13 | all | libmspack | < 0.5-1 | libmspack_0.5-1_all.deb |
Related
cvelist
cvelist
CVE-2014-9732
2015-06-11 14:00:00
prion
prion
Null pointer dereference
2015-06-11 14:59:00
ubuntucve
ubuntucve
CVE-2014-9732
2015-06-11 00:00:00
cve
cve
CVE-2014-9732
2015-06-11 14:59:00
nvd
nvd
CVE-2014-9732
2015-06-11 14:59:00
nessus
nessus
SUSE SLED11 Security Update : cabextract (SUSE-SU-2015:2131-1)
2015-12-01 00:00:00
SUSE SLED11 / SLES11 Security Update : libmspack (SUSE-SU-2015:2215-1)
2015-12-09 00:00:00
SUSE SLED12 / SLES12 Security Update : libmspack (SUSE-SU-2016:0011-1)
2016-01-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:2215-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:0011-1)
2021-04-19 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.025 Low
EPSS
Percentile
90.2%
Related for DEBIANCVE:CVE-2014-9732