EUVD-2018-10304

Malware in sbrugna...

Denial Of Service (Dos)

libmspack is vulnerable to denial of service. The CAB block input buffer is one byte too small for the maximal Quantum block, which would allow an attacker to crash the application via an out-of-bounds write using a malicious CAB block input...

SUSE SLES11 Security Update : libmspack (SUSE-SU-2019:13992-1)

This update for libmspack fixes the following issues : Security issues fixed : CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. bsc1113038 CVE-2018-18585: chmdreadheaders accepted a filename that has '\0' as its...

SUSE SLED15 / SLES15 Security Update : libmspack (SUSE-SU-2019:0748-1)

This update for libmspack fixes the following issues : Security issues fixed : CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. bsc1113038 CVE-2018-18585: chmdreadheaders accepted a filename that has '\0' as its...

CVE-2018-18584

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...

CVE-2018-18584

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...