FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-27 12:04:33 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
cc7548ef-06e1-11e5-8fda-002590263bf5libmspack -- frame_end overflow which could cause infinite loop

There is a denial of service vulnerability in libmspack. The libmspack code is built into cabextract, so it is also vulnerable.

MITRE reports:

Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.


Discovery 2014-12-11
Entry 2015-05-31
libmspack
< 0.5

cabextract
< 1.5

CVE-2014-9556
https://bugs.debian.org/773041
http://www.openwall.com/lists/oss-security/2015/01/07/2