Vulnerabilities > Cabextract Project

DATE CVE VULNERABILITY TITLE RISK
2018-10-23 CVE-2018-18584 Out-of-bounds Write vulnerability in multiple products
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
6.5
2018-07-28 CVE-2018-14682 Off-by-one Error vulnerability in multiple products
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.
6.8
2018-07-28 CVE-2018-14681 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha.
6.8
2018-07-28 CVE-2018-14680 Improper Input Validation vulnerability in multiple products
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.
4.3
2018-07-28 CVE-2018-14679 Off-by-one Error vulnerability in multiple products
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.
4.3
2010-08-09 CVE-2010-2801 Numeric Errors vulnerability in Cabextract Project Cabextract
Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.
network
high complexity
cabextract-project CWE-189
5.1
2010-08-09 CVE-2010-2800 Resource Management Errors vulnerability in Cabextract Project Cabextract
The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library.
4.3
2005-01-27 CVE-2004-0916 Unspecified vulnerability in Cabextract Project Cabextract 0.2/0.6/1.0
Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing ..
network
low complexity
cabextract-project
5.0