Cabextract Cabextract

Do you want an email whenever new security vulnerabilities are reported in any Cabextract product?

Products by Cabextract Sorted by Most Security Vulnerabilities since 2018

Cabextract4 vulnerabilities

Cabextract Libmspack4 vulnerabilities

By the Year

In 2022 there have been 0 vulnerabilities in Cabextract . Cabextract did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 4 7.65

It may take a day or so for new Cabextract vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Cabextract Security Vulnerabilities

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha

CVE-2018-14679 6.5 - Medium - July 28, 2018

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).

off-by-five

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha

CVE-2018-14680 6.5 - Medium - July 28, 2018

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.

Improper Input Validation

An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha

CVE-2018-14681 8.8 - High - July 28, 2018

An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.

Memory Corruption

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha

CVE-2018-14682 8.8 - High - July 28, 2018

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.

off-by-five

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.