VulnerableCode Package Details - pkg:deb/debian/libmspack@0.5-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6mc3-fgw8-5qby	Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code.	CVE-2015-4472
VCID-76q9-uw9b-a7fa	The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB archive.	CVE-2014-9732
VCID-aa1x-d19y-sqgg	Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.	CVE-2015-4470
VCID-km35-kh9p-xffn	Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive.	CVE-2015-4471

Vulnerability

Summary

Aliases

VCID-6mc3-fgw8-5qby

Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code.

CVE-2015-4472

VCID-76q9-uw9b-a7fa

The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB archive.

CVE-2014-9732

VCID-aa1x-d19y-sqgg

Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.

CVE-2015-4470

VCID-km35-kh9p-xffn

Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive.

CVE-2015-4471

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:32:49.820931+00:00	Debian Importer	Fixing	VCID-76q9-uw9b-a7fa	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:21:04.999293+00:00	Debian Importer	Fixing	VCID-6mc3-fgw8-5qby	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:20:19.610651+00:00	Debian Importer	Fixing	VCID-aa1x-d19y-sqgg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:42:25.993895+00:00	Debian Importer	Fixing	VCID-km35-kh9p-xffn	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:52:15.923286+00:00	Debian Importer	Fixing	VCID-76q9-uw9b-a7fa	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:43:39.726277+00:00	Debian Importer	Fixing	VCID-6mc3-fgw8-5qby	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:43:02.583108+00:00	Debian Importer	Fixing	VCID-aa1x-d19y-sqgg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:14:31.110655+00:00	Debian Importer	Fixing	VCID-km35-kh9p-xffn	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:29:05.497234+00:00	Debian Importer	Fixing	VCID-6mc3-fgw8-5qby	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:29:05.456474+00:00	Debian Importer	Fixing	VCID-km35-kh9p-xffn	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:29:05.415343+00:00	Debian Importer	Fixing	VCID-aa1x-d19y-sqgg	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:29:05.251107+00:00	Debian Importer	Fixing	VCID-76q9-uw9b-a7fa	https://security-tracker.debian.org/tracker/data/json	38.1.0