Download
| Alert*
oval:org.secpod.oval:def:605216
libmspack0 is installed oval:org.secpod.oval:def:603062 libmspack0 is installed oval:org.secpod.oval:def:703771 libmspack: library for Microsoft compression formats Several security issues were fixed in libmspack. oval:org.secpod.oval:def:53117 It was discovered that libsmpack, a library used to handle Microsoft compression formats, did not properly validate its input. A remote attacker could craft malicious CAB or CHM files and use this flaw to cause a denial of service via application crash, or potentially execute arbitrary code. oval:org.secpod.oval:def:603057 It was discovered that libsmpack, a library used to handle Microsoft compression formats, did not properly validate its input. A remote attacker could craft malicious CAB or CHM files and use this flaw to cause a denial of service via application crash, or potentially execute arbitrary code. oval:org.secpod.oval:def:51878 libmspack: library for Microsoft compression formats Several security issues were fixed in libmspack. oval:org.secpod.oval:def:704247 libmspack: library for Microsoft compression formats Several security issues were fixed in libmspack. oval:org.secpod.oval:def:704383 libmspack: library for Microsoft compression formats Several security issues were fixed in libmspack. oval:org.secpod.oval:def:51163 libmspack: library for Microsoft compression formats Several security issues were fixed in libmspack. oval:org.secpod.oval:def:53384 Several vulnerabilities were discovered in libsmpack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious CAB, CHM or KWAJ files and use these flaws to cause a denial of service via application crash, or potentially execute arbitrary code. oval:org.secpod.oval:def:51100 libmspack: library for Microsoft compression formats Several security issues were fixed in libmspack. oval:org.secpod.oval:def:603473 Several vulnerabilities were discovered in libsmpack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious CAB, CHM or KWAJ files and use these flaws to cause a denial of service via application crash, or potentially execute arbitrary code. oval:org.secpod.oval:def:705079 libmspack: library for Microsoft compression formats libmspack could be made to expose sensitive information if it received a specially crafted CHM file. oval:org.secpod.oval:def:2005259 libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers in libmspack. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d ... oval:org.secpod.oval:def:2000148 ** DISPUTED ** chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was o ... |