CVE-2015-2060
https://notcve.org/view.php?id=CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. cabextract versiones anteriores a 1.6, no comprueba apropiadamente las barras diagonales cuando se extraen archivos, lo que permite a atacantes remotos realizar ataques de salto de directorio absolutos por medio de un carácter UTF-8 malformado que es cambiado a una barra diagonal codificada UTF-8. • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151145.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151147.html http://www.cabextract.org.uk http://www.mandriva.com/security/advisories?name=MDVSA-2015:064 http://www.openwall.com/lists/oss-security/2015/02/18/3 http://www.openwall.com/lists/oss-security/2015/02/23/16 http://www.openwall.com/lists/oss-security/2015/02/23/24 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2010-2800
https://notcve.org/view.php?id=CVE-2010-2800
The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library. El de-compresor MS-ZIP en cabextract anteriores a v1.3 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un fichero MSZIP manipulado en un fichero .cab durante un (1) test o (2) acción extract, relacionado con la librería libmspack. • http://bugs.gentoo.org/show_bug.cgi?id=329891 http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=90 http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=95 http://marc.info/?l=oss-security&m=128076168623266&w=2 http://marc.info/? • CWE-399: Resource Management Errors •
CVE-2010-2801
https://notcve.org/view.php?id=CVE-2010-2801
Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library. Error de presencia de signo en el decompresor Quantum en cabextract anteriores a v1.3, cuando está activado el modo test, permite a atacantes remotos asistidos por usuarios, provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecución de código de su elección a través de un fichero Quatum modificado en un fichero .cab, relativo a la biblioteca libmspack. • http://bugs.gentoo.org/show_bug.cgi?id=329891 http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113 http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118 http://marc.info/?l=oss-security&m=128076168623266&w=2 http://marc.info/? • CWE-189: Numeric Errors •
CVE-2004-0916
https://notcve.org/view.php?id=CVE-2004-0916
Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename. • http://secunia.com/advisories/12882 http://www.debian.org/security/2004/dsa-574 http://www.kyz.uklinux.net/cabextract.php#changes http://www.securityfocus.com/bid/11460 https://exchange.xforce.ibmcloud.com/vulnerabilities/17766 •