Description
Security update for cabextract
This security update fixes the following issues:
- Fix possible infinite loop causing DoS (bsc#919283, CVE-2014-9556)
- Fix zero dereference (bsc#934524, CVE-2014-9732)
- Fix off by one (bsc#934527, CVE-2015-4470)
- Fix buffer under-read crash (bsc#934528, CVE-2015-4471)
Package list
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
References
- Link for SUSE-SU-2015:2131-1
- E-Mail link for SUSE-SU-2015:2131-1
- SUSE Security Ratings
- SUSE Bug 934524
- SUSE Bug 934527
- SUSE Bug 934528
- SUSE CVE CVE-2014-9556 page
- SUSE CVE CVE-2014-9732 page
- SUSE CVE CVE-2015-4470 page
- SUSE CVE CVE-2015-4471 page
Description
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.
Affected products
References
- CVE-2014-9556
- SUSE Bug 912214
- SUSE Bug 919283
- SUSE Bug 934533
Description
The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB archive.
Affected products
References
- CVE-2014-9732
- SUSE Bug 934524
- SUSE Bug 934533
Description
Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.
Affected products
References
- CVE-2015-4470
- SUSE Bug 934527
- SUSE Bug 934533
Description
Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive.
Affected products
References
- CVE-2015-4471
- SUSE Bug 934528
- SUSE Bug 934533