33 matches found
F-Secure antivirus engine 安全漏洞
F-secure F-Secure antivirus engine is a security engine from the Finnish company F-Secure F-secure. A security vulnerability exists in F-Secure antivirus engine, which originates from the decompression of an ACE file that causes the scanner service to stop. An attacker can remotely exploit the...
The vulnerability of the Libmspack library and the CAB-file decompression utility SabExtract, which allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the Libmspack library mspack/cab.h and the CAB-file decompression utilities provided by SabExtract are related to memory buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause system failures remotely...
CVE-2018-8413
A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files, aka "Windows Theme API Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows...
CVE-2017-2693
CVE-2017-2693 is a path traversal vulnerability affecting Huawei EMUI prior to certain fixes, enabling an attacker to decompress malicious files to a target path during unzip operations. The CVE entry is corroborated across sources (NVD, CNVD, CVE listing) with Huawei EMUI versions impacted (as l...
MGASA-2016-0318 Updated libarchive packages fix security vulnerability
The updated packages fix several security vulnerabilities: A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with...
unzoo 'EntrReadArch' function buffer overflow vulnerability
unzoo is a file decompression package. A buffer overflow vulnerability exists in the 'EntrReadArch' function of unzoo. A remote attacker could exploit this vulnerability to execute arbitrary code...
Libmspack CHM Decompression Divide by Zero Denial of Service Vulnerability
Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. Libmspack's handling of specially crafted CHM files suffers from a divide-by-zero denial-of-service vulnerability, which can be exploited by remote attackers to crash an application...
Lhaplus buffer overflow vulnerability
Overview Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user...
ZOO - .ZOO Decompression Infinite Loop Denial of Service (PoC)
ZOO - .ZOO Decompression Infinite Loop Denial of Service PoC / Exploit for the vulnerability: Multiple vendors ZOO file decompression infinite loop DoS coded by Jean-Sébastien Guay-Leroux September 2006 / include include include // Structure of a ZOO header define ZOOHEADERSIZE 0x0000002a define...
Kaspersky Anti-Virus UPX File Decompression DoS
The version of Kaspersky Anti-Virus installed on the remote host reportedly may enter an infinite loop when it attempts to process an executable with specially crafted compressed UPX data. A remote attacker may be able to exploit this issue to cause the affected host to consume all available CPU...
MS02-054: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (329048)
The remote host contains a version of Windows that has a security flaw in the compressed files ZIP implementation. An attacker can exploit this flaw by sending a malicious zip file to the remote user. When the user opens the file with Explorer, arbitrary code will be executed. C Tenable Network...
Security Bulletin MS02-054: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)
---------------------------------------------------------------------- Title: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution Q329048 Date: 02 October 2002 Software: Microsoft Windows 98 with Plus! Pack, Windows Me, or Windows XP Impact: Two vulnerabilities, the most...
ZIP archives containing files with large filenames can cause buffer overflows
Overview Multiple file decompression utilities contain buffer overflow vulnerabilities for which the impacts vary. Description Researchers at Rapid7, Inc. have discovered that multiple file decompression utilities are susceptible to buffer overflows as a result of large filenames embedded in...