DSA-4095-1 gcab -- gcabID: oval:org.secpod.oval:def:603249 | Date: (C)2018-02-05 (M)2023-12-20 |
Class: PATCH | Family: unix |
It was discovered that gcab, a Microsoft Cabinet file manipulation tool, is prone to a stack-based buffer overflow vulnerability when extracting .cab files. An attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges of the user running gcab, if a specially crafted .cab file is processed.
Product: |
gir1.2-libgcab-1.0 |
libgcab-doc |
libgcab-dev |
libgcab-1.0-0 |
gcab |