7 matches found
SUSE: Security Advisory (SUSE-SU-2015:2215-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : libmspack (SUSE-SU-2016:0011-1)
libmspack was updated to fix security issues. These security issues were fixed : - CVE-2014-9732: The cabdextract function in cabd.c in libmspack did not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allowed remote attackers to cause ...
SUSE SLED11 / SLES11 Security Update : libmspack (SUSE-SU-2015:2215-1)
libmspack was updated to fix several security vulnerabilities. - Fix NULL pointer dereference on a crafted CAB. bsc934524, CVE-2014-9732 - Fix denial of service while processing crafted CHM file. bsc934525, CVE-2015-4467 - Fix denial of service while processing crafted CHM file. bsc934529,...
SUSE SLED11 Security Update : cabextract (SUSE-SU-2015:2131-1)
This security update fixes the following issues : - Fix possible infinite loop caused DoS bsc919283, CVE-2014-9556 - Fix zero dereference bsc934524, CVE-2014-9732 - Fix off by one bsc934527, CVE-2015-4470 - Fix buffer under-read crash bsc934528, CVE-2015-4471 Note that Tenable Network Security ha...
CVE-2015-4471
Off-by-one error in the lzxddecompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service buffer under-read and application crash via a crafted CAB archive...
CVE-2015-4471
Off-by-one error in the lzxddecompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service buffer under-read and application crash via a crafted CAB archive...
CVE-2015-4471
CVE-2015-4471 affects libmspack (component: lzxd_decompress in lzxd.c) with an off-by-one error in pre-0.5 versions. A crafted CAB archive can trigger a denial of service via a buffer under-read. Affected products are libmspack deployments; remote attackers can exploit it without authentication. ...