Lucene search
Ubuntu.comUB:CVE-2014-9732HistoryJun 11, 2015 - 12:00 a.m.
CVE-2014-9732
2015-06-1100:00:00
ubuntu.com
ubuntu.com
8
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.025 Low
EPSS
Percentile
90.2%
The cabd_extract function in cabd.c in libmspack before 0.5 does not
properly maintain decompression callbacks in certain cases where an invalid
file follows a valid file, which allows remote attackers to cause a denial
of service (NULL pointer dereference and application crash) via a crafted
CAB archive.
Bugs
Related
cvelist
cvelist
CVE-2014-9732
2015-06-11 14:00:00
prion
prion
Null pointer dereference
2015-06-11 14:59:00
cve
cve
CVE-2014-9732
2015-06-11 14:59:00
debiancve
debiancve
CVE-2014-9732
2015-06-11 14:59:00
nvd
nvd
CVE-2014-9732
2015-06-11 14:59:00
nessus
nessus
SUSE SLED11 Security Update : cabextract (SUSE-SU-2015:2131-1)
2015-12-01 00:00:00
SUSE SLED11 / SLES11 Security Update : libmspack (SUSE-SU-2015:2215-1)
2015-12-09 00:00:00
SUSE SLED12 / SLES12 Security Update : libmspack (SUSE-SU-2016:0011-1)
2016-01-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:2215-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:0011-1)
2021-04-19 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.025 Low
EPSS
Percentile
90.2%
Related for UB:CVE-2014-9732