Vulnerabilities affecting this package (0)
| Vulnerability |
Summary |
Fixed by |
|
This package is not known to be affected by vulnerabilities.
|
Vulnerabilities fixed by this package (6)
| Vulnerability |
Summary |
Aliases |
|
VCID-35vw-agja-w7du
|
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.
|
CVE-2014-9556
|
|
VCID-gc7q-6qf2-73dw
|
Multiple vulnerabilities have been found in cabextract and
libmspack, the worst of which could result in a Denial of Service.
|
CVE-2018-18584
|
|
VCID-gjcf-7y4r-uke7
|
Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename.
|
CVE-2004-0916
|
|
VCID-kqtz-dk8x-83c3
|
Multiple vulnerabilities have been found in cabextract, allowing
remote attackers to execute arbitrary code or cause a Denial of Service
condition.
|
CVE-2010-2801
|
|
VCID-wmcy-fbqv-jyad
|
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.
|
CVE-2015-2060
|
|
VCID-y8y2-py26-x7fn
|
Multiple vulnerabilities have been found in cabextract, allowing
remote attackers to execute arbitrary code or cause a Denial of Service
condition.
|
CVE-2010-2800
|