Showing 1 - 3 of 3

CVE-2017-11423

Status Candidate

Overview

The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.

Related Files

Gentoo Linux Security Advisory 201804-16: Posted Apr 23, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201804-16 - Multiple vulnerabilities have been found in ClamAV, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 0.99.4 are affected.; tags | advisory, remote, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2012-6706, CVE-2017-11423, CVE-2017-6418, CVE-2017-6419, CVE-2017-6420, CVE-2018-0202, CVE-2018-1000085; SHA-256 | 226978b0f937cb909624ee469a0860710a9405d8025f924fe1f98de9f9477c57; Download | Favorite | View

Debian Security Advisory 3946-1: Posted Aug 18, 2017; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3946-1 - It was discovered that libsmpack, a library used to handle Microsoft compression formats, did not properly validate its input. A remote attacker could craft malicious CAB or CHM files and use this flaw to cause a denial of service via application crash, or potentially execute arbitrary code.; tags | advisory, remote, denial of service, arbitrary; systems | linux, debian; advisories | CVE-2017-11423, CVE-2017-6419; SHA-256 | f47f97c1d334842dbab2f91a059aa75ba333f05e615f47600a55aeb3d96c72b0; Download | Favorite | View

Ubuntu Security Notice USN-3394-1: Posted Aug 17, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3394-1 - It was discovered that libmspack incorrectly handled certain malformed CHM files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2017-11423, CVE-2017-6419; SHA-256 | a0b46445e4ab459c8be9a3fd485694f68d4bf328d55a6fb5e5126ac7307c6fb0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 247 files
Ubuntu 90 files
indoushka 54 files
Jasper Nota 25 files
Willem Westerhof 19 files
Debian 13 files
Gentoo 11 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,087)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,608)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,440)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,726)
UNIX (9,433)
UnixWare (187)
Windows (6,668)
Other

CVE-2017-11423

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems