Search for packages
| purl | pkg:deb/debian/cabextract@1.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-35vw-agja-w7du
Aliases: CVE-2014-9556 |
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop. |
Affected by 1 other vulnerability. |
|
VCID-gc7q-6qf2-73dw
Aliases: CVE-2018-18584 |
Multiple vulnerabilities have been found in cabextract and libmspack, the worst of which could result in a Denial of Service. |
Affected by 1 other vulnerability. |
|
VCID-kqtz-dk8x-83c3
Aliases: CVE-2010-2801 |
Multiple vulnerabilities have been found in cabextract, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. |
Affected by 3 other vulnerabilities. |
|
VCID-wmcy-fbqv-jyad
Aliases: CVE-2015-2060 |
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. |
Affected by 0 other vulnerabilities. |
|
VCID-y8y2-py26-x7fn
Aliases: CVE-2010-2800 |
Multiple vulnerabilities have been found in cabextract, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. |
Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-gjcf-7y4r-uke7 | Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename. |
CVE-2004-0916
|