Debian DLA-1460-1 : libmspack security update

It was discovered that there were several vulnerabilities in libsmpack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious .CAB, .CHM or .KWAJ files and use these flaws to cause a denial of service via application crash, or potentially execute arbitrar...

[SECURITY] [DLA-1460-1] libmspack security update

Package : libmspack Version : 0.5-1+deb8u2 CVE ID : CVE-2018-14681 CVE-2018-14682 CVE-2018-14679 CVE-2018-14680 Debian Bugs : 904799 904800 904801 904802 It was discovered that there were several vulnerabilities in libsmpack, a library used to handle Microsoft compression formats. A remote attack...

DLA-1460-1 libmspack - security update

Bulletin has no description...

Ubuntu 14.04 LTS : ClamAV vulnerabilities (USN-3728-2)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3728-2 advisory. USN-3728-1 fixed several vulnerabilities in libmspack. In Ubuntu 14.04 libmspack is included into ClamAV. This update provides the corresponding update f...

Debian DSA-4260-1 : libmspack - security update

Several vulnerabilities were discovered in libsmpack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious CAB, CHM or KWAJ files and use these flaws to cause a denial of service via application crash, or potentially execute arbitrary code. C Tenable...

[SECURITY] [DSA 4260-1] libmspack security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4260-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 02, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4260-1] libmspack security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4260-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 02, 2018 https://www.debian.org/security/faq -...

USN-3728-3: ClamAV vulnerabilities

USN-3728-2 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service...

DSA-4260-1 libmspack - security update

Bulletin has no description...

Ubuntu 16.04 LTS / 18.04 LTS : libmspack vulnerabilities (USN-3728-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3728-1 advisory. Hanno Bck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of...

USN-3728-2: ClamAV vulnerabilities

USN-3728-1 fixed several vulnerabilities in libmspack. In Ubuntu 14.04 libmspack is included into ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could...

USN-3728-2 clamav vulnerabilities

USN-3728-1 fixed several vulnerabilities in libmspack. In Ubuntu 14.04 libmspack is included into ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could...

USN-3728-1: libmspack vulnerabilities

Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-14679, CVE-2018-14680 Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue...

USN-3728-1 libmspack vulnerabilities

Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-14679, CVE-2018-14680 Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue...

CVE-2018-14680

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames...

CVE-2018-14682

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression...

CVE-2018-14681

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

Debian: Security Advisory (DSA-4260-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-14679

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service uninitialized data dereference and application crash...

CVE-2018-14681

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...