133 matches found
UBUNTU-CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...
CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...
CVE-2015-2060
CVE-2015-2060 affects cabextract prior to 1.6. The vulnerability arises because cabextract does not properly check for leading slashes when extracting files, allowing an attacker to perform absolute directory traversal via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. This...
CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...
CVE-2018-18584
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...
Medium: libmspack
Issue Overview: In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.CVE-2018-18584 chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename...
libmspack: Out-of-bounds write in mspack/cab.h
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...
cabextract, libmspack: Multiple vulnerabilities
Background cabextract is free software for extracting Microsoft cabinet files. libmspack is a portable library for some loosely related Microsoft compression formats Description Multiple vulnerabilities have been discovered in cabextract and libmspack. Please review the CVE identifiers referenced...
GLSA-201903-20 : cabextract, libmspack: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201903-20 cabextract, libmspack: Multiple vulnerabilities Multiple vulnerabilities have been discovered in cabextract and libmspack. Please review the CVE identifiers referenced below for details. Impact : Please review the...
Fedora 28 : cabextract / libmspack (2018-cb337fb199)
Latest stable releases of libmspack and cabextract, includes security fixes for CVE-2018-14680, CVE-2018-14681, CVE-2018-14682, CVE-2018-18584, CVE-2018-18585 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable h...
Fedora 29 : cabextract / libmspack (2018-a5953af115)
Latest stable releases of libmspack and cabextract, includes security fixes for CVE-2018-14680, CVE-2018-14681, CVE-2018-14682, CVE-2018-18584, CVE-2018-18585 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable h...
Fedora Update for cabextract FEDORA-2018-c73d257297
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : cabextract / libmspack (2018-c73d257297)
Latest stable releases of libmspack and cabextract, includes security fixes for CVE-2018-14680, CVE-2018-14681, CVE-2018-14682, CVE-2018-18584, CVE-2018-18585 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable h...
MGASA-2018-0455 Updated libmspack/cabextract packages fix security vulnerabilities
Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service CVE-2018-14679, CVE-2018-14680. Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue...
Updated libmspack/cabextract packages fix security vulnerabilities
Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service CVE-2018-14679, CVE-2018-14680. Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue...
[SECURITY] Fedora 27 Update: cabextract-1.9-1.fc27
cabextract is a program which can extract files from cabinet .cab archives...
[SECURITY] Fedora 28 Update: cabextract-1.9-1.fc28
cabextract is a program which can extract files from cabinet .cab archives...
[SECURITY] Fedora 29 Update: cabextract-1.9-1.fc29
cabextract is a program which can extract files from cabinet .cab archives...
Fedora Update for cabextract FEDORA-2018-cb337fb199
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-18584
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...