17 matches found
EUVD-2015-4489
Malware in sbrugna...
SUSE-SU-2022:0069-1 Security update for libmspack
This update for libmspack fixes the following issues: - CVE-2018-18586: Fixed directory traversal in chmextract by adding anti '../' and leading slash protection bsc1113040...
OPENSUSE-SU-2021:1200-1 Security update for libmspack
This update for libmspack fixes the following issues: - CVE-2018-14681: Bad KWAJ file header extensions could cause a one or two byte overwrite. bsc1103032 - CVE-2018-14682: There is an off-by-one error in the TOLOWER macro for CHM decompression. bsc1103032 - CVE-2018-14679: There is an off-by-on...
OPENSUSE-SU-2021:2802-1 Security update for libmspack
This update for libmspack fixes the following issues: - CVE-2018-14681: Bad KWAJ file header extensions could cause a one or two byte overwrite. bsc1103032 - CVE-2018-14682: There is an off-by-one error in the TOLOWER macro for CHM decompression. bsc1103032 - CVE-2018-14679: There is an off-by-on...
SUSE-SU-2021:2765-1 Security update for libmspack
This update for libmspack fixes the following issues: - CVE-2018-14681: Bad KWAJ file header extensions could cause a one or two byte overwrite. bsc1103032 - CVE-2018-14682: There is an off-by-one error in the TOLOWER macro for CHM decompression. bsc1103032...
Low: Red Hat Security Advisory: libmspack security update
An update for libmspack is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
SUSE-SU-2020:2711-1 Security update for libmspack
This update for libmspack fixes the following issues: Security issues fixed: - CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file which could have led to information disclosure bsc1141680. - CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal...
Updated libmspack packages fix security vulnerability
Updated libmspack packages fix security vulnerability: It was discovered that libmspack incorrectly handled certain CHM files. A remote attacker could possibly use this issue to access sensitive information CVE-2019-1010305...
DLA-1895-1 libmspack - security update
Bulletin has no description...
SUSE-SU-2019:13992-1 Security update for libmspack
This update for libmspack fixes the following issues: Security issues fixed: - CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. bsc1113038 - CVE-2018-18585: chmdreadheaders accepted a filename that has '\0' as its...
SUSE-SU-2019:0748-1 Security update for libmspack
This update for libmspack fixes the following issues: Security issues fixed: - CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. bsc1113038 - CVE-2018-18585: chmdreadheaders accepted a filename that has '\0' as its...
MGASA-2018-0455 Updated libmspack/cabextract packages fix security vulnerabilities
Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service CVE-2018-14679, CVE-2018-14680. Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue...
DLA-1555-1 libmspack - security update
Bulletin has no description...
DLA-1460-1 libmspack - security update
Bulletin has no description...
DSA-3946-1 libmspack - security update
Bulletin has no description...
SUSE-SU-2016:0011-1 Security update for libmspack
libmspack was updated to fix security issues. These security issues were fixed: CVE-2014-9732: The cabdextract function in cabd.c in libmspack did not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allowed remote attackers to cause a...
openSUSE Security Update : libmspack (openSUSE-2015-208)
This update fixes previous security update, which was not considered as complete. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2015-208. The text description of this plugin is C SU...