17 matches found

F5 Networks
added 2026/06/08 5:40 p.m. | 10 views

K000161631: libmspack vulnerability CVE-2018-18585

Security Advisory Description: chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name. CVE-2018-18585. Impact: There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

CVSS 4.3 | AI score 6.6 | EPSS 0.03059 | Exploits 1

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2014-9370

Malware in sbrugna...

CVSS 5 | AI score 6 | EPSS 0.02817 | Exploits 1 | References 10

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2018-10304

Malware in sbrugna...

CVSS 6.5 | AI score 6.9 | EPSS 0.03086 | Exploits 0 | References 16

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2015-4487

Malware in sbrugna...

CVSS 4.3 | AI score 8.6 | EPSS 0.01456 | Exploits 1 | References 6

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2015-4492

Malware in sbrugna...

CVSS 6.8 | AI score 8.6 | EPSS 0.01586 | Exploits 1 | References 6

Tenable Nessus
added 2025/08/24 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2018-18585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the /\0 name...

CVSS 4.3 | AI score 7.3 | EPSS 0.03059 | Exploits 1 | References 2

Tenable Nessus
added 2025/05/14 12:0 a.m. | 7 views

Alibaba Cloud Linux 3 : 0058: libmspack (ALINUX3-SA-2022:0058)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0058 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-1010305: libmspack 0.9.1alpha is affected...

CVSS 5.5 | AI score 6.5 | EPSS 0.01476 | Exploits 1 | References 2

Tenable Nessus
added 2021/08/21 12:0 a.m. | 33 views

SUSE SLED15 / SLES15 Security Update : libmspack (SUSE-SU-2021:2802-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2802-1 advisory. - An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk numbe...

CVSS 8.8 | AI score 6.7 | EPSS 0.03806 | Exploits 0 | References 8

Tenable Nessus
added 2020/11/19 12:0 a.m. | 35 views

RHEL 7 : libmspack (RHSA-2020:3848)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3848 advisory. The libmspack packages contain a library providing compression and extraction of the Cabinet CAB file format used by Microsoft. Security Fixes:...

CVSS 5.5 | AI score 7 | EPSS 0.01476 | Exploits 1 | References 6

BDU FSTEC
added 2020/04/29 12:0 a.m. | 3 views

The vulnerability of the kwajd_read_headers function in the Libmspack library and the CAB-file decompression tool SABExtract allows a hacker to cause a service failure.

The vulnerability of the kwajd_read_headers function in the Libmspack library and the CAB-file decompression utility SabExtract is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure using a KWAJ format file...

CVSS 9.3 | AI score 6.8 | EPSS 0.03806 | Exploits 0 | References 14 | Affected Software 5

BDU FSTEC
added 2020/04/16 12:0 a.m. | 2 views

The vulnerability of the chmd_read_headers() function in the Libmspack library allows a hacker to disclose protected information.

The vulnerability of the chmd_read_headers function in libmspack/mspack/chmd.c in the Libmspack library arises from operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information through a specially created chm fil...

CVSS 7.1 | AI score 6.8 | EPSS 0.01476 | Exploits 1 | References 11 | Affected Software 2

BDU FSTEC
added 2019/04/12 12:0 a.m. | 2 views

The vulnerability of the Libmspack library and the CAB-file decompression utility SabExtract, which allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Libmspack library mspack/cab.h and the CAB-file decompression utilities provided by SabExtract are related to memory buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause system failures remotely...

CVSS 8.6 | AI score 7.5 | EPSS 0.03086 | Exploits 0 | References 4 | Affected Software 5

OSV
added 2018/11/12 10:44 a.m. | 3 views

USN-3814-1 libmspack vulnerabilities

It was discovered that libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. CVE-2018-18584, CVE-2018-18585...

CVSS 6.5 | AI score 6.7 | EPSS 0.03086 | Exploits 1 | References 3

UbuntuCve
added 2018/10/23 2:29 a.m. | 28 views

CVE-2018-18586

chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended...

CVSS 5.3 | AI score 6.5 | EPSS 0.03284 | Exploits 1 | References 2

OSV
added 2018/10/23 2:29 a.m. | 35 views

CVE-2018-18585

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

CVSS 4.3 | AI score 3.1 | Exploits 0 | References 10

OSV
added 2015/06/11 2:59 p.m. | 4 views

CVE-2015-4469

The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file...

AI score 6.2 | Exploits 0 | References 4

OSV
added 2015/06/11 2:59 p.m. | 5 views

CVE-2014-9732

The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB...

AI score 6.3 | Exploits 0 | References 3