SUSE CVE-2010-0098

ClamAV before 0.96 does not properly handle the 1 CAB and 2 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities...

CVE-2020-10126

NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor BNA, enabling an attacker with physical access to internal ATM components to restart the host computer and execute arbitrary code with SYSTEM privileges because while booting, the...

Updated libarchive packages fix security vulnerabilities

readheader in archivereadsupportformatrar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archivereadformatrarreadheader CVE-2017-14502. Multiple security issues were found in libarchive: Processing malformed RAR archive...

[SECURITY] Fedora 29 Update: cabextract-1.9-1.fc29

cabextract is a program which can extract files from cabinet .cab archives...

CVE-2012-4953

The decomposer engine in Symantec Endpoint Protection SEP 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition SAVCE 10.x, and Symantec Scan Engine SSE before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allow...

Out-of-bounds

The decomposer engine in Symantec Endpoint Protection SEP 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition SAVCE 10.x, and Symantec Scan Engine SSE before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allow...

SuSE 11 Security Update : clamav (SAT Patch Number 2298)

Specially crafted CAB archives could crash clamav CVE-2010-1311 or bypass virus detection CVE-2010-0098. clamav has been updated to version 0.96 which fixes those issues. Citing freshmeat.net : This Release introduces new malware detection mechanisms and other significant improvements to the scan...

[SECURITY] Fedora 14 Update: cabextract-1.3-1.fc14

cabextract is a program which can extract files from cabinet .cab archives...

[SECURITY] Fedora 12 Update: cabextract-1.3-1.fc12

cabextract is a program which can extract files from cabinet .cab archives...

SuSE9 Security Update : clamav (YOU Patch Number 12610)

Specially crafted CAB archives could crash clamav CVE-2010-1311 or bypass virus detection CVE-2010-0098. clamav has been updated to version 0.96 which fixes those issues. Citing freshmeat.net : This Release introduces new malware detection mechanisms and other significant improvements to the scan...

DEBIAN-CVE-2010-0098

ClamAV before 0.96 does not properly handle the 1 CAB and 2 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities...

Debian Security Advisory DSA 1263-1 (clamav)

The remote host is missing an update to clamav announced via advisory DSA 1263-1. Several remote vulnerabilities have been discovered in in the Clam anti-virus toolkit, which may lead to denial of service. The Common Vulnerabilities and Exposures project identifies the following problems:...

Heap overflow

Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives...

CVE-2007-0447

Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives...

CVE-2007-0447

Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives...

[Full-disclosure] ZDI-07-040: Symantec AntiVirus Engine CAB Parsing Heap Overflow Vulnerability

ZDI-07-040: Symantec AntiVirus Engine CAB Parsing Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-040.html July 12, 2007 -- CVE ID: CVE-2007-0447 -- Affected Vendor: Symantec -- Affected Products: Symantec AntiVirus Engine -- TippingPointTM IPS Customer Protection:...

Symantec Antivirus multiple buffer overflows

Buffer overflows on CAB, RAR archives parsing...

CA multiple antiviral products buffer overflow

Buffer overflow on CAB archives parsing...

Computer Associates Anti-Virus engine fails to properly handle long file names in CAB archives

Overview The Computer Associates Anti-Virus engine contains a stack-based buffer overflow that may allow a remote, unauthenticated attacker to execute arbitrary code. Description The Computer Associates Anti-Virus engine contains a stack-based buffer overflow in the code responsible for processin...

Computer Associates Anti-Virus engine fails to properly handle malformed CAB archives

Overview The Computer Associates Anti-Virus engine contains a stack-based buffer overflow that may allow a remote, unauthenticated attacker to execute arbitrary code. Description The Computer Associates Anti-Virus engine contains a stack-based buffer overflow in the code responsible for processin...