3202 matches found
JVN#02527990: Lhaplus vulnerable to directory traversal
Lhaplus is a file compression/decompression software. Lhaplus contains an issue in processing file names, which may result in a directory traversal vulnerability. Impact Decompressing a file with a specially crafted file name may result in a creation of an arbitrary file or an overwrite of an...
Mandriva Linux Security Advisory : cabextract (MDVSA-2015:064)
Updated cabextract packages fix security vulnerabilities : Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any...
[SECURITY] Fedora 22 Update: libmspack-0.5-0.1.alpha.fc22
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
[SECURITY] Fedora 21 Update: libmspack-0.5-0.1.alpha.fc21
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
[SECURITY] Fedora 20 Update: libmspack-0.5-0.1.alpha.fc20
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
[SECURITY] Fedora 22 Update: suricata-2.0.7-1.fc22
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
[SECURITY] Fedora 21 Update: suricata-2.0.7-1.fc21
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
DEBIAN-CVE-2015-2188
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet that is improperly...
CVE-2015-2188
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet that is improperly...
CVE-2015-2188
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet that is improperly...
UBUNTU-CVE-2015-2188
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet that is improperly...
CVE-2015-2188
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet that is improperly...
UnAce buffer overflow vulnerability
UnAce is a decompression application. A security vulnerability exists in UnAce's handling of special files, allowing an attacker to exploit the vulnerability to crash the application...
Fedora 20 : pigz-2.3.3-1.fc20 (2015-1510)
Update to 2.3.3, fixes CVE-2015-1191 : - Return zero exit code when only warnings are issued - Increase speed of unlzw Unix compress decompression - Update zopfli to current google state - Allow larger maximum blocksize -b, now 512 MiB - Do not require that -d precede -N, -n, -T options - Strip a...
Fedora 21 : pigz-2.3.3-1.fc21 (2015-1488)
Update to 2.3.3, fixes CVE-2015-1191 : - Return zero exit code when only warnings are issued - Increase speed of unlzw Unix compress decompression - Update zopfli to current google state - Allow larger maximum blocksize -b, now 512 MiB - Do not require that -d precede -N, -n, -T options - Strip a...
Mandriva Linux Security Advisory : cabextract (MDVSA-2015:041)
Updated cabextract packages fix security vulnerability : Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any...
Libmspack CHM Decompression Denial of Service Vulnerability
Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. A denial-of-service vulnerability exists in Libmspack CHM Decompression, which can be exploited by an attacker to crash an affected application and deny service to legitimate users...
Libmspack CHM Decompression Divide by Zero Denial of Service Vulnerability
Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. Libmspack's handling of specially crafted CHM files suffers from a divide-by-zero denial-of-service vulnerability, which can be exploited by remote attackers to crash an application...
Updated cabextract packages fix CVE-2014-9556
Updated cabextract packages fix security vulnerability: Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any...
[SECURITY] Fedora 20 Update: suricata-2.0.6-1.fc20
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...