[SECURITY] Fedora 25 Update: upx-3.94-1.fc25

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

[SECURITY] Fedora 27 Update: upx-3.94-1.fc27

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

[SECURITY] Fedora 25 Update: libmspack-0.6-0.1.alpha.fc25

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

[SECURITY] Fedora 27 Update: libmspack-0.6-0.1.alpha.fc27

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

[SECURITY] Fedora 26 Update: libmspack-0.6-0.1.alpha.fc26

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

Iceni Argus PDF Inflate+LZW Decompression Heap-Based Buffer Overflow Vulnerability(CVE-2016-8387)

Summary An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an overflow may occur due to a lack of bounds checking by the LZW decoder. This can lead to...

The vulnerability of the VMSF_DELTA memory component of the UnRAR file decompression tool and the Sophos Anti-Virus antivirus protection allows a perpetrator to execute arbitrary code.

The vulnerability of the VMSFDELTA component, a file decompression tool, and the UnRAR decompression tool is caused by a numerical overflow. This occurs when the variable MemDestPos exceeds its allowable limits due to the negative value of the argument DestPos during the summation of DataSize and...

unrar directory traversal vulnerability

unrar also known as unrar-free or unrar-gpl is a decompression software used in Linux. A directory traversal vulnerability exists in unrar version 0.0.1. An attacker can exploit this vulnerability to decompress RAR v2 archives into an upper level directory...

CVE-2017-11235

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversion engine when decompressing JPEG data. Successful exploitation could lead to arbitrary code...

graphite2: heap-buffer-overflow write "lz4::decompress" (src/Decompressor)

A heap-based buffer overflow flaw related to "lz4::decompress" src/Decompressor has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

graphite2: heap-buffer-overflow write "lz4::decompress" (CVE-2017-7772)

A heap-based buffer overflow flaw related to "lz4::decompress" has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

graphite2: heap-buffer-overflow write "lz4::decompress" (CVE-2017-7772)

A heap-based buffer overflow flaw related to "lz4::decompress" has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

graphite2: heap-buffer-overflow write "lz4::decompress" (src/Decompressor)

A heap-based buffer overflow flaw related to "lz4::decompress" src/Decompressor has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

graphite2: heap-buffer-overflow write "lz4::decompress" (src/Decompressor)

A heap-based buffer overflow flaw related to "lz4::decompress" src/Decompressor has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

UBUNTU-CVE-2017-7773

Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor...

UBUNTU-CVE-2017-7772

Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function...

CVE-2016-5004

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service resource consumption by decompressing a large file containing zeroes...

UBUNTU-CVE-2017-8845

The lzo1xdecompress function in lzo1xd.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted archive...

DEBIAN-CVE-2017-8845

The lzo1xdecompress function in lzo1xd.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted archive...

PT-2017-18575 · Conan +1 · Lrzip +1

Name of the Vulnerable Software and Affected Versions: LZO version 2.08 lrzip version 0.631 Description: The issue allows remote attackers to cause a denial of service, resulting in an invalid memory read and application crash, via a crafted archive. This is due to a problem in the lzo1x decompre...