Test Kennung:	1.3.6.1.4.1.25623.1.0.703946
Kategorie:	Debian Local Security Checks
Titel:	Debian Security Advisory DSA 3946-1 (libmspack - security update)
Zusammenfassung:	It was discovered that libsmpack, a library used to handle Microsoft;compression formats, did not properly validate its input. A remote;attacker could craft malicious CAB or CHM files and use this flaw to;cause a denial of service via application crash, or potentially;execute arbitrary code.
Beschreibung:	Summary: It was discovered that libsmpack, a library used to handle Microsoft compression formats, did not properly validate its input. A remote attacker could craft malicious CAB or CHM files and use this flaw to cause a denial of service via application crash, or potentially execute arbitrary code. Affected Software/OS: libmspack on Debian Linux Solution: For the oldstable distribution (jessie), these problems have been fixed in version 0.5-1+deb8u1. For the stable distribution (stretch), these problems have been fixed in version 0.5-1+deb9u1. We recommend that you upgrade your libmspack packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-6419 Debian Security Information: DSA-3946 (Google Search) http://www.debian.org/security/2017/dsa-3946 https://security.gentoo.org/glsa/201804-16 https://bugzilla.clamav.net/show_bug.cgi?id=11701 https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_chm_crash.md https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1 https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.