Low: Red Hat Security Advisory: libmspack security update

An update for libmspack is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

gcab, libgcab1 security update

CentOS Errata and Security Advisory CESA-2018:0350 An update for gcab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RHEL 7 : gcab (RHSA-2018:0350)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0350 advisory. The gcab package contains a utility for managing the Cabinet archives. It can list, extract, and create Microsoft cabinet .cab files. Security Fixes:...

Debian DSA-4095-1 : gcab - security update

It was discovered that gcab, a Microsoft Cabinet file manipulation tool, is prone to a stack-based buffer overflow vulnerability when extracting .cab files. An attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges...

cabextract: Multiple vulnerabilities

Background cabextract is free software for extracting Microsoft cabinet files. Description Multiple vulnerabilities have been discovered in cabextract. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially-crafted archive ...

Oracle Outside In Technology File Processing Arbitrary Code Execution Vulnerability

Oracle Outside In Technology components used by the Oracle Fusion Middleware applications contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. The vulnerability exists due to incorrect processing of Lotus 1-2-3 spreadsheet...

CA Multiple Products AV Engine CAB Header Parsing Stack Overflow (CVE-2007-2864)

CA provides an anti-virus engine that is shared among multiple applications and products. The anti-virus engine is capable of scanning files stored in numerous archive format. One of these archive format is the Microsoft Cabinet CAB file format. A stack-based buffer overflow vulnerability has bee...

DSA-2087-1 cabextract - arbitrary code execution

Bulletin has no description...

Design/Logic Flaw

The InstallProduct routine in the Verisign VUpdater.Install aka i-Nav ActiveX control does not verify Microsoft Cabinet .CAB files, which allows remote attackers to run an arbitrary executable file...

CVE-2006-2273

The InstallProduct routine in the Verisign VUpdater.Install aka i-Nav ActiveX control does not verify Microsoft Cabinet .CAB files, which allows remote attackers to run an arbitrary executable file...