Lucene search
+L

33 matches found

CNNVD
CNNVD
added 2022/02/09 12:0 a.m.5 views

F-Secure antivirus engine 安全漏洞

F-secure F-Secure antivirus engine is a security engine from the Finnish company F-Secure F-secure. A security vulnerability exists in F-Secure antivirus engine, which originates from the decompression of an ACE file that causes the scanner service to stop. An attacker can remotely exploit the...

5.3CVSS5.8AI score0.00657EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/04/12 12:0 a.m.4 views

The vulnerability of the Libmspack library and the CAB-file decompression utility SabExtract, which allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Libmspack library mspack/cab.h and the CAB-file decompression utilities provided by SabExtract are related to memory buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause system failures remotely...

8.6CVSS7.5AI score0.03086EPSS
Exploits0References4Affected Software5
ATTACKERKB
ATTACKERKB
added 2018/10/10 1:29 p.m.3 views

CVE-2018-8413

A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files, aka "Windows Theme API Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows...

9.3CVSS6.6AI score0.46406EPSS
Exploits3References5
CVE
CVE
added 2017/11/22 7:0 p.m.60 views

CVE-2017-2693

CVE-2017-2693 is a path traversal vulnerability affecting Huawei EMUI prior to certain fixes, enabling an attacker to decompress malicious files to a target path during unzip operations. The CVE entry is corroborated across sources (NVD, CNVD, CVE listing) with Huawei EMUI versions impacted (as l...

7.8CVSS7.5AI score0.01052EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/09/25 11:41 a.m.11 views

MGASA-2016-0318 Updated libarchive packages fix security vulnerability

The updated packages fix several security vulnerabilities: A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with...

7.5CVSS7.9AI score0.04707EPSS
Exploits1References10
CNVD
CNVD
added 2015/05/20 12:0 a.m.5 views

unzoo 'EntrReadArch' function buffer overflow vulnerability

unzoo is a file decompression package. A buffer overflow vulnerability exists in the 'EntrReadArch' function of unzoo. A remote attacker could exploit this vulnerability to execute arbitrary code...

10CVSS7.9AI score0.05937EPSS
Exploits0References1
CNVD
CNVD
added 2015/02/06 12:0 a.m.5 views

Libmspack CHM Decompression Divide by Zero Denial of Service Vulnerability

Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. Libmspack's handling of specially crafted CHM files suffers from a divide-by-zero denial-of-service vulnerability, which can be exploited by remote attackers to crash an application...

6.9AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.3 views

Lhaplus buffer overflow vulnerability

Overview Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user...

7.5CVSS7.8AI score0.03481EPSS
Exploits0References10
exploitpack
exploitpack
added 2007/05/04 12:0 a.m.16 views

ZOO - .ZOO Decompression Infinite Loop Denial of Service (PoC)

ZOO - .ZOO Decompression Infinite Loop Denial of Service PoC / Exploit for the vulnerability: Multiple vendors ZOO file decompression infinite loop DoS coded by Jean-Sébastien Guay-Leroux September 2006 / include include include // Structure of a ZOO header define ZOOHEADERSIZE 0x0000002a define...

0.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/03/05 12:0 a.m.30 views

Kaspersky Anti-Virus UPX File Decompression DoS

The version of Kaspersky Anti-Virus installed on the remote host reportedly may enter an infinite loop when it attempts to process an executable with specially crafted compressed UPX data. A remote attacker may be able to exploit this issue to cause the affected host to consume all available CPU...

7.8CVSS5.6AI score0.02916EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2002/10/24 12:0 a.m.31 views

MS02-054: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (329048)

The remote host contains a version of Windows that has a security flaw in the compressed files ZIP implementation. An attacker can exploit this flaw by sending a malicious zip file to the remote user. When the user opens the file with Explorer, arbitrary code will be executed. C Tenable Network...

7.5CVSS5.8AI score0.43298EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/10/03 12:0 a.m.45 views

Security Bulletin MS02-054: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)

---------------------------------------------------------------------- Title: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution Q329048 Date: 02 October 2002 Software: Microsoft Windows 98 with Plus! Pack, Windows Me, or Windows XP Impact: Two vulnerabilities, the most...

7.7AI score
Exploits0
CERT
CERT
added 2002/10/02 12:0 a.m.61 views

ZIP archives containing files with large filenames can cause buffer overflows

Overview Multiple file decompression utilities contain buffer overflow vulnerabilities for which the impacts vary. Description Researchers at Rapid7, Inc. have discovered that multiple file decompression utilities are susceptible to buffer overflows as a result of large filenames embedded in...

7.5CVSS7.2AI score0.43298EPSS
Exploits0References1
Rows per page
Query Builder