SUSE-SU-2015:0506-1 Security update for libmspack

libmspack was updated to fix one security issue. This security issue was fixed: - Possible DoS by infinite loop bnc912214, CVE-2014-9556 The previous fix was not fully fixing this problem...

[ MDVSA-2015:041 ] cabextract

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:041 http://www.mandriva.com/en/support/security/ Package : cabextract Date : February 10, 2015 Affected: Business Server 1.0 Problem Description: Updated cabextract packages fix security vulnerability:...

libmspack / cabextract DoS

Infinite loop on extraction...

Mandriva Linux Security Advisory : cabextract (MDVSA-2015:041)

Updated cabextract packages fix security vulnerability : Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any...

Libmspack 'mspack/lzxd.c' Memory Corruption Vulnerability

Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. A memory corruption vulnerability exists in Libmspack 'mspack/lzxd.c', which can be exploited by an attacker to obtain sensitive information or launch a denial of service attack...

Libmspack CHM decompression pointer arithmetic denial of service vulnerability (CNVD-2015-00970)

Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. A pointer arithmetic overflow denial of service vulnerability exists in Libmspack's handling of specially crafted CHM files, which can be exploited by remote attackers to crash an applicatio...

Libmspack mspack/lzxd.c Out-of-Bounds Read Denial of Service Vulnerability

Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. An out-of-bounds read denial of service vulnerability in Libmspack mspack/lzxd.c allows attackers to exploit the vulnerability to crash an application...

Updated cabextract packages fix CVE-2014-9556

Updated cabextract packages fix security vulnerability: Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any...

CVE-2014-9556

Integer overflow in the qtmddecompress function in libmspack 0.4 allows remote attackers to cause a denial of service hang via a crafted CAB file, which triggers an infinite loop...

CVE-2014-9556

Integer overflow in the qtmddecompress function in libmspack 0.4 allows remote attackers to cause a denial of service hang via a crafted CAB file, which triggers an infinite loop...

DEBIAN-CVE-2014-9556

Integer overflow in the qtmddecompress function in libmspack 0.4 allows remote attackers to cause a denial of service hang via a crafted CAB file, which triggers an infinite loop...

UBUNTU-CVE-2014-9556

Integer overflow in the qtmddecompress function in libmspack 0.4 allows remote attackers to cause a denial of service hang via a crafted CAB file, which triggers an infinite loop...

CVE-2014-9556

Integer overflow in the qtmddecompress function in libmspack 0.4 allows remote attackers to cause a denial of service hang via a crafted CAB file, which triggers an infinite loop...

CVE-2014-9556

CVE-2014-9556 affects libmspack 0.4 with an integer overflow in qtmd_decompress that can be triggered by a crafted CAB file, causing a remote denial of service via an infinite loop. Connected advisories indicate the issue is addressed by updates in downstream packages (e.g., cabextract/libmspack)...

openSUSE Security Update : libmspack (openSUSE-SU-2015:0187-1)

libmspack was updated to fix a possible infinite loop caused DoS bnc912214, CVE-2014-9556. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2015-87. The text description of this plugin...

Libmspack 'qtmd.c' Infinite Loop Denial of Service Vulnerability

libmspack is a decompression program for various Microsoft packaging formats. Libmspack suffers from a denial of service vulnerability that can be exploited by an attacker to cause the application to enter an infinite loop, which can trigger a denial of service...

libmspack -- frame_end overflow which could cause infinite loop

There is a denial of service vulnerability in libmspack. The libmspack code is built into cabextract, so it is also vulnerable. MITRE reports: Integer overflow in the qtmddecompress function in libmspack 0.4 allows remote attackers to cause a denial of service hang via a crafted CAB file, which...

cabextract: Multiple vulnerabilities

Background cabextract is free software for extracting Microsoft cabinet files. Description Multiple vulnerabilities have been discovered in cabextract. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially-crafted archive ...

Fedora Update for libmspack FEDORA-2010-14135

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 13 : cabextract-1.3-1.fc13 / libmspack-0.2-0.1.20100723alpha.fc13 (2010-14722)

The remote Fedora host is missing one or more security updates : cabextract-1.3-1.fc13 : - Mon Sep 13 2010 Dan Horak - 1.3-1 - updated to 1.3 - built with system copy of libmspack CVE-2010-2800 CVE-2010-2801 libmspack-0.2-0.1.20100723alpha.fc13 : - Mon Aug 30 2010 Dan Horak - 0.2-0.1.20100723alph...