10 matches found
SUSE-SU-2022:4287-1 Security update for libmspack
This update for libmspack fixes the following issues: - CVE-2018-18586: Add leading slash protection to chmextract. bsc1113040...
Mageia: Security Advisory (MGASA-2018-0455)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : libmspack (SUSE-SU-2022:0069-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0069-1 advisory. - CVE-2018-18586: Fixed directory traversal in chmextract by adding anti '../' and leading slash protection bsc1113040...
SUSE-SU-2022:0069-1 Security update for libmspack
This update for libmspack fixes the following issues: - CVE-2018-18586: Fixed directory traversal in chmextract by adding anti '../' and leading slash protection bsc1113040...
Security update for libmspack (low)
openSUSE Security Update: Security update for libmspack Announcement ID: openSUSE-SU-2022:0069-1 Rating: low References: 1113040 Cross-References: CVE-2018-18586 CVSS scores: CVE-2018-18586 NVD : 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: openSUSE Leap 15.3 An update that...
Huawei EulerOS: Security Advisory for libmspack (EulerOS-SA-2019-2534)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libmspack (EulerOS-SA-2020-1014)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-18586
chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended...
CVE-2018-18586
CVE-2018-18586 affects libmspack (chmextract.c). The issue is directory traversal via absolute/relative CHM file paths due to insufficient path protection. OpenSUSE/SUSE advisories fix by adding anti-â../â and leading-slash checks (e.g., libmspack-devel-0.11-2 and related patches). Exploitation d...
CVE-2018-18586
chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended...