Vulnerabilities > Cabextract

DATE CVE VULNERABILITY TITLE RISK
2019-11-29 CVE-2015-2060 Path Traversal vulnerability in Cabextract
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.
network
low complexity
cabextract linux CWE-22
5.0
2018-07-28 CVE-2018-14682 Off-by-one Error vulnerability in multiple products
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.
6.8
2018-07-28 CVE-2018-14681 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha.
6.8
2018-07-28 CVE-2018-14680 Improper Input Validation vulnerability in multiple products
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.
4.3
2018-07-28 CVE-2018-14679 Off-by-one Error vulnerability in multiple products
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.
4.3