EUVD-2019-2041

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-18585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the /\0 name...

Rocky Linux 8 : libmspack (RLSA-2020:1686)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:1686 advisory. - libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile...

Denial Of Service (DoS)

libmspack is vulnerable to Denial Of Service DoS. The vulnerability exists due to the chmdreadheaders function of chmd.c which does not properly validate name lengths, which allows an attacker to cause an application crash through the maliciously crafted CHM file...

Oracle Linux 8 : libmspack (ELSA-2020-1686)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1686 advisory. - Fix for CVE-2019-1010305 - Remove 'fix' for CVE-2018-14680 as this fix is included in base tar ball. resolves: rhbz1736745, rhbz1736743 Tenable has extracted...

SUSE CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

AlmaLinux 8 : libmspack (ALSA-2020:1686)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:1686 advisory. - libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile...

Debian DLA-2805-1 : libmspack - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2805 advisory. - libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile...

SUSE: Security Advisory (SUSE-SU-2019:13992-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : libmspack (ALAS-2020-1525)

The version of libmspack installed on the remote host is prior to 0.5-0.8.alpha. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1525 advisory. libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function...

Low: libmspack

Issue Overview: libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after...

libmspack security update

CentOS Errata and Security Advisory CESA-2020:3848 An update for libmspack is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Oracle Linux 7 : libmspack (ELSA-2020-3848)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-3848 advisory. 0.5-0.8.alpha - Fix for CVE-2019-1010305 resolves: rhbz1736744 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Low: Red Hat Security Advisory: libmspack security and bug fix update

An update for libmspack is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

libmspack: buffer overflow in function chmd_read_headers()

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

Huawei EulerOS: Security Advisory for libmspack (EulerOS-SA-2019-1852)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libmspack Multiple Vulnerabilities (NS-SA-2019-0237)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libmspack packages installed that are affected by multiple vulnerabilities: - In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum...

EulerOS 2.0 SP5 : libmspack (EulerOS-SA-2019-2534)

According to the versions of the libmspack package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the...

EulerOS 2.0 SP2 : libmspack (EulerOS-SA-2019-2454)

According to the versions of the libmspack package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the...

EulerOS 2.0 SP8 : libmspack (EulerOS-SA-2019-2285)

According to the version of the libmspack package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the '/\0'...