Exploit the possiblities
Showing 1 - 4 of 4 RSS Feed

CVE-2017-6419

Status Candidate

Overview

mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.

Related Files

Debian Security Advisory 3946-1
Posted Aug 18, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3946-1 - It was discovered that libsmpack, a library used to handle Microsoft compression formats, did not properly validate its input. A remote attacker could craft malicious CAB or CHM files and use this flaw to cause a denial of service via application crash, or potentially execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2017-11423, CVE-2017-6419
MD5 | 41203652aeeaba8153a6dec73c153cfa
Ubuntu Security Notice USN-3393-2
Posted Aug 18, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3393-2 - USN-3393-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that ClamAV incorrectly handled parsing certain e- mail messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-6418, CVE-2017-6419, CVE-2017-6420
MD5 | 3c6110b7ada194e5b8f653a22bc2baec
Ubuntu Security Notice USN-3394-1
Posted Aug 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3394-1 - It was discovered that libmspack incorrectly handled certain malformed CHM files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-11423, CVE-2017-6419
MD5 | 4f87d43d2be9a216285585808f4b1c2e
Ubuntu Security Notice USN-3393-1
Posted Aug 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3393-1 - It was discovered that ClamAV incorrectly handled parsing certain e-mail messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. In the default installation, attackers would be isolated by the ClamAV AppArmor profile. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-6418, CVE-2017-6419, CVE-2017-6420
MD5 | 838ab7426ef1a766d55b7c8f9669078f
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close