Oracle Linux 7 : libmspack (ELSA-2020-3848)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-3848 advisory. 0.5-0.8.alpha - Fix for CVE-2019-1010305 resolves: rhbz1736744 Tenable has extracted the preceding description block directly from the Oracle Linux security...

libmspack security update

0.5-0.8.alpha - Fix for CVE-2019-1010305 resolves: rhbz1736744...

libmspack: buffer overflow in function chmd_read_headers()

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

Low: Red Hat Security Advisory: libmspack security update

An update for libmspack is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

SUSE-SU-2020:2711-1 Security update for libmspack

This update for libmspack fixes the following issues: Security issues fixed: - CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file which could have led to information disclosure bsc1141680. - CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal...

SUSE SLED15 / SLES15 Security Update : libmspack (SUSE-SU-2020:1493-1)

This update for libmspack fixes the following issues : Security issue fixed : CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file which could have led to information disclosure bsc1141680. Other issue addressed : Enable build-time tests bsc1130489 Note that Tenable Network...

openSUSE: Security Advisory for libmspack (openSUSE-SU-2020:0746-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : libmspack (openSUSE-2020-746)

This update for libmspack fixes the following issues : Security issue fixed : - CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file which could have led to information disclosure bsc1141680. Other issue addressed : - Enable build-time tests bsc1130489 This update was importe...

OPENSUSE-SU-2020:0746-1 Security update for libmspack

This update for libmspack fixes the following issues: Security issue fixed: - CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file which could have led to information disclosure bsc1141680. Other issue addressed: - Enable build-time tests bsc1130489 This update was imported...

Security update for libmspack (low)

openSUSE Security Update: Security update for libmspack Announcement ID: openSUSE-SU-2020:0746-1 Rating: low References: 1130489 1141680 Cross-References: CVE-2019-1010305 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available. Descriptio...

Arbitrary Code Execution

libmspack is vulnerable to arbitrary code execution. A stack-based buffer overflow in the function cabdreadstring function in mspack/cabd.c allows a remote attacker to execute arbitrary code on the system or cause an application crash via a malicious CAB file...

Photon OS 3.0: Libmspack PHSA-2020-3.0-0085

An update of the libmspack package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0085. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136346;...

libmspack security and bug fix update

0.7-0.2.alpha.4 - Fix for CVE-2019-1010305 - Remove 'fix' for CVE-2018-14680 as this fix is included in base tar ball. resolves: rhbz1736745, rhbz1736743 0.7-0.2.alpha.3 - Add gating tests resolves: rhbz1682770...

Important Photon OS Security Update - PHSA-2020-0085

Updates of 'libmspack', 'docker' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2020-3.0-0085

Updates of 'docker', 'libmspack' packages of Photon OS have been released...

The vulnerability of the kwajd_read_headers function in the Libmspack library and the CAB-file decompression tool SABExtract allows a hacker to cause a service failure.

The vulnerability of the kwajdreadheaders function in the Libmspack library and the CAB-file decompression utility SabExtract is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure using a KWAJ format file...

libmspack: buffer overflow in function chmd_read_headers()

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

Low: Red Hat Security Advisory: libmspack security and bug fix update

An update for libmspack is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

ALSA-2020:1686 Low: libmspack security and bug fix update

The libmspack packages contain a library providing compression and extraction of the Cabinet CAB file format used by Microsoft. Security Fixes: libmspack: buffer overflow in function chmdreadheaders CVE-2019-1010305 For more details about the security issues, including the impact, a CVSS score,...

RLSA-2020:1686 Low: libmspack security and bug fix update

The libmspack packages contain a library providing compression and extraction of the Cabinet CAB file format used by Microsoft. Security Fixes: libmspack: buffer overflow in function chmdreadheaders CVE-2019-1010305 For more details about the security issues, including the impact, a CVSS score,...