CVE-2018-18584

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...

CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

PT-2018-14529

Name of the Vulnerable Software and Affected Versions libmspack versions prior to 0.8alpha Description The issue arises from the chmd read headers function in mspack/chmd.c, which improperly handles filenames starting with '0' as their first or second character. This could potentially lead to...

PT-2018-2693 · None +5 · Libmspack +6

Name of the Vulnerable Software and Affected Versions: libmspack versions prior to 0.8alpha cabextract versions prior to 1.8 Description: The issue is related to an out-of-bounds write in the CAB block input buffer, which can be exploited by a remote attacker to execute arbitrary code or cause a...

UBUNTU-CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

UBUNTU-CVE-2018-18584

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...

SUSE-SU-2018:3250-1 Security update for clamav

This update for clamav fixes the following issues: clamav was updated to version 0.100.2. Following security issues were fixed: - CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an...

FreeBSD : clamav -- multiple vulnerabilities (8b812395-c739-11e8-ab5b-9c5c8e75236a)

Joel Esler reports : - CVE-2018-15378 : - Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. - Reported by Secunia Research at Flexera. - Fix for a 2-byte buffer over-read bug in...

clamav -- multiple vulnerabilities

Joel Esler reports: CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. Reported by Secunia Research at Flexera. Fix for a 2-byte buffer over-read bug in ClamAV&s PDF...

Photon OS 2.0: Libmspack / Strongswan PHSA-2018-2.0-0075 (deprecated)

An update of 'libmspack', 'strongswan' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0075. The text itself is copyright C...

Photon OS 1.0: Blktrace / Libmspack / Ntp / Openjdk / Perl / Systemd / Vim PHSA-2018-1.0-0167 (deprecated)

An update of 'vim', 'ntp', 'openjdk', 'libmspack', 'blktrace', 'systemd', 'perl' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory...

Fedora Update for libmspack FEDORA-2018-e1adecd46c

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 27 : libmspack (2018-e1adecd46c)

New upstream version 0.7alpha. Fixes CVE-2018-14679 libmspack: off-by-one error in the CHM PMGI/PMGL chunk number validity checks Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...

[SECURITY] Fedora 27 Update: libmspack-0.7-0.1.alpha.fc27

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

Security update for clamav (moderate)

This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small fil...

Debian: Security Advisory (DLA-1460-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : clamav (openSUSE-2018-838)

This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed : - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small fi...

Fedora Update for libmspack FEDORA-2018-ddda173f56

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES11 Security Update : clamav (SUSE-SU-2018:2232-1)

This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed : - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small fi...

[SECURITY] Fedora 28 Update: libmspack-0.7-0.1.alpha.fc28

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...