133 matches found
EUVD-2010-2805
Malware in sbrugna...
EUVD-2015-2173
Malware in sbrugna...
EUVD-2004-0914
Malware in sbrugna...
EUVD-2018-10304
Malware in sbrugna...
EUVD-2010-2804
Malware in sbrugna...
SUSE CVE-2004-0916
Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. dot dot sequences in a filename...
SUSE CVE-2010-2801
Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the...
SUSE CVE-2010-2800
The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service infinite loop via a malformed MSZIP archive in a .cab file during a 1 test or 2 extract action, related to the libmspack library...
SUSE CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...
SUSE CVE-2018-18584
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...
Mageia: Security Advisory (MGASA-2015-0086)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0052)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0455)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : libmspack (EulerOS-SA-2021-1318)
According to the version of the libmspack package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum...
Directory Traversal
cabextract is vulnerable to directory traversal. Lack of proper checking for leading slashes when extracting files allows remote attackers to perform directory traversal attacks via a malformed UTF-8 characters that are changed to a UTF-8 encoded slash...
CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...
CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...
DEBIAN-CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...
Directory traversal
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...
CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...