3 matches found
Directory Traversal
cabextract is vulnerable to directory traversal. Lack of proper checking for leading slashes when extracting files allows remote attackers to perform directory traversal attacks via a malformed UTF-8 characters that are changed to a UTF-8 encoded slash...
Huawei EulerOS: Security Advisory for less (EulerOS-SA-2020-1770)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-9488
CVE-2014-9488 affects the is_utf8_well_formed() function in GNU less up to version 475, enabling an out-of-bounds read via malformed UTF-8 data. Connected advisories report this as a fixed issue in various distributions (e.g., SUSE/SUSE-SU-2020:2687-1; Mageia MGASA-2015-0139; openSUSE updates; Eu...