Lucene search
K

133 matches found

OSV
OSV
added 2019/11/29 9:15 p.m.3 views

UBUNTU-CVE-2015-2060

cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...

5.3CVSS6.1AI score0.02308EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2019/11/29 8:55 p.m.46 views

CVE-2015-2060

cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...

5.3CVSS5.2AI score0.02308EPSS
Exploits1
CVE
CVE
added 2019/11/29 8:55 p.m.72 views

CVE-2015-2060

CVE-2015-2060 affects cabextract prior to 1.6. The vulnerability arises because cabextract does not properly check for leading slashes when extracting files, allowing an attacker to perform absolute directory traversal via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. This...

5.3CVSS5.1AI score0.02308EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2019/11/29 8:55 p.m.29 views

CVE-2015-2060

cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...

5.1AI score0.02308EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2019/10/09 10:10 a.m.29 views

CVE-2018-18584

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...

6.5CVSS2.4AI score0.03086EPSS
Exploits0References2
Amazon
Amazon
added 2019/10/08 12:0 a.m.32 views

Medium: libmspack

Issue Overview: In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.CVE-2018-18584 chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename...

6.5CVSS7.4AI score0.03086EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2019/08/06 1:56 p.m.3 views

libmspack: Out-of-bounds write in mspack/cab.h

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...

6.5CVSS7.5AI score0.03086EPSS
Exploits0References4
Gentoo Linux
Gentoo Linux
added 2019/03/28 12:0 a.m.123 views

cabextract, libmspack: Multiple vulnerabilities

Background cabextract is free software for extracting Microsoft cabinet files. libmspack is a portable library for some loosely related Microsoft compression formats Description Multiple vulnerabilities have been discovered in cabextract and libmspack. Please review the CVE identifiers referenced...

8.8CVSS7.3AI score0.03806EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2019/03/28 12:0 a.m.28 views

GLSA-201903-20 : cabextract, libmspack: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201903-20 cabextract, libmspack: Multiple vulnerabilities Multiple vulnerabilities have been discovered in cabextract and libmspack. Please review the CVE identifiers referenced below for details. Impact : Please review the...

8.8CVSS6.6AI score0.03806EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.34 views

Fedora 28 : cabextract / libmspack (2018-cb337fb199)

Latest stable releases of libmspack and cabextract, includes security fixes for CVE-2018-14680, CVE-2018-14681, CVE-2018-14682, CVE-2018-18584, CVE-2018-18585 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable h...

8.8CVSS6.5AI score0.03806EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.30 views

Fedora 29 : cabextract / libmspack (2018-a5953af115)

Latest stable releases of libmspack and cabextract, includes security fixes for CVE-2018-14680, CVE-2018-14681, CVE-2018-14682, CVE-2018-18584, CVE-2018-18585 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable h...

8.8CVSS6.5AI score0.03806EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2018/11/20 12:0 a.m.24 views

Fedora Update for cabextract FEDORA-2018-c73d257297

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.03806EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/11/19 12:0 a.m.32 views

Fedora 27 : cabextract / libmspack (2018-c73d257297)

Latest stable releases of libmspack and cabextract, includes security fixes for CVE-2018-14680, CVE-2018-14681, CVE-2018-14682, CVE-2018-18584, CVE-2018-18585 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable h...

8.8CVSS6.5AI score0.03806EPSS
Exploits1References6
OSV
OSV
added 2018/11/17 10:23 p.m.8 views

MGASA-2018-0455 Updated libmspack/cabextract packages fix security vulnerabilities

Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service CVE-2018-14679, CVE-2018-14680. Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue...

8.8CVSS7.1AI score0.03806EPSS
Exploits2References5
Mageia
Mageia
added 2018/11/17 10:23 p.m.47 views

Updated libmspack/cabextract packages fix security vulnerabilities

Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service CVE-2018-14679, CVE-2018-14680. Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue...

8.8CVSS1.9AI score0.03806EPSS
Exploits2References4
Fedora
Fedora
added 2018/11/17 2:8 a.m.32 views

[SECURITY] Fedora 27 Update: cabextract-1.9-1.fc27

cabextract is a program which can extract files from cabinet .cab archives...

8.8CVSS2AI score0.03806EPSS
Exploits1
Fedora
Fedora
added 2018/11/13 2:28 a.m.37 views

[SECURITY] Fedora 28 Update: cabextract-1.9-1.fc28

cabextract is a program which can extract files from cabinet .cab archives...

8.8CVSS2AI score0.03806EPSS
Exploits1
Fedora
Fedora
added 2018/11/13 2:25 a.m.29 views

[SECURITY] Fedora 29 Update: cabextract-1.9-1.fc29

cabextract is a program which can extract files from cabinet .cab archives...

8.8CVSS2AI score0.03806EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/11/13 12:0 a.m.56 views

Fedora Update for cabextract FEDORA-2018-cb337fb199

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.03806EPSS
Exploits1References2
NVD
NVD
added 2018/10/23 2:29 a.m.21 views

CVE-2018-18584

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...

6.5CVSS6.7AI score0.03086EPSS
Exploits0References11
Rows per page
Query Builder