Lucene search
K

610 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.3 views

SUSE CVE-2015-4470

Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted CAB archive...

4.3CVSS6.7AI score0.01455EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.4 views

SUSE CVE-2015-4471

Off-by-one error in the lzxddecompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service buffer under-read and application crash via a crafted CAB archive...

4.3CVSS6.7AI score0.02319EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.2 views

SUSE CVE-2015-4472

Off-by-one error in the READENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted CHM file...

6.8CVSS7.5AI score0.01586EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.3 views

SUSE CVE-2017-6419

mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted CHM file...

8.1CVSS9.8AI score0.01976EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.4 views

SUSE CVE-2018-14679

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service uninitialized data dereference and application crash...

4.4CVSS9.4AI score0.03312EPSS
Exploits0References18
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.4 views

SUSE CVE-2018-14681

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

4.4CVSS9.5AI score0.03806EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.4 views

SUSE CVE-2018-14682

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression...

4.4CVSS9.6AI score0.03806EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.3 views

SUSE CVE-2018-14680

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames...

4.4CVSS9.6AI score0.03753EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.2 views

SUSE CVE-2018-18586

chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended...

5.3CVSS9AI score0.03284EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.2 views

SUSE CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

4.3CVSS9.5AI score0.03059EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.5 views

SUSE CVE-2018-18584

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...

6.5CVSS9.8AI score0.03086EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.4 views

SUSE CVE-2019-1010305

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

2.5CVSS8.2AI score0.01464EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2022/11/30 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2022:4287-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.03284EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/11/30 12:0 a.m.22 views

SUSE SLES12 Security Update : libmspack (SUSE-SU-2022:4287-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4287-1 advisory. - CVE-2018-18586: Add leading slash protection to chmextract. bsc1113040 Tenable has extracted the preceding description block directly from...

5.3CVSS6.4AI score0.03284EPSS
Exploits1References4
OSV
OSV
added 2022/11/29 2:58 p.m.3 views

SUSE-SU-2022:4287-1 Security update for libmspack

This update for libmspack fixes the following issues: - CVE-2018-18586: Add leading slash protection to chmextract. bsc1113040...

5.3CVSS5.6AI score0.03284EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for libmspack (EulerOS-SA-2022-2468)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.03086EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/09 12:0 a.m.24 views

EulerOS 2.0 SP8 : libmspack (EulerOS-SA-2022-2468)

According to the versions of the libmspack package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quant...

6.5CVSS7.1AI score0.03086EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2022/05/17 6:58 a.m.16 views

new packages: libmspack

An update is available for libmspack. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpri...

2.3AI score
Exploits0
OpenVAS
OpenVAS
added 2022/02/22 12:0 a.m.10 views

openSUSE: Security Advisory for libmspack (openSUSE-SU-2022:0069-2)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.3CVSS5.8AI score0.03284EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/02/19 12:0 a.m.20 views

SUSE SLES15 Security Update : libmspack (SUSE-SU-2022:0069-2)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:0069-2 advisory. - CVE-2018-18586: Fixed directory traversal in chmextract by adding anti '../' and leading slash protection bsc1113040. Tenable has extracted the...

5.3CVSS6.4AI score0.03284EPSS
Exploits1References4
Rows per page
Query Builder