1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
Candidate: CVE-2014-9556
PublicDate: 2015-02-03
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9556
Description:
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows
remote attackers to cause a denial of service (hang) via a crafted CAB
file, which triggers an infinite loop.
Ubuntu-Description:
Notes:
Bugs:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772891
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773041
Priority: medium
Discovered-by:
Assigned-to:
Patches_cabextract:
upstream_cabextract: released (1.4-5)
lucid_cabextract: ignored (reached end-of-life)
precise_cabextract: ignored (reached end-of-life)
precise/esm_cabextract: DNE (precise was needed)
trusty_cabextract: needed
utopic_cabextract: ignored (reached end-of-life)
vivid_cabextract: ignored (reached end-of-life)
vivid/stable-phone-overlay_cabextract: DNE
vivid/ubuntu-core_cabextract: DNE
wily_cabextract: ignored (reached end-of-life)
xenial_cabextract: needed
yakkety_cabextract: ignored (reached end-of-life)
zesty_cabextract: needed
devel_cabextract: needed
Patches_libmspack:
upstream_libmspack: released (0.4-2)
lucid_libmspack: DNE
precise_libmspack: DNE
precise/esm_libmspack: DNE
trusty_libmspack: needed
utopic_libmspack: ignored (reached end-of-life)
vivid_libmspack: not-affected (0.4-3)
vivid/stable-phone-overlay_libmspack: DNE
vivid/ubuntu-core_libmspack: DNE
wily_libmspack: not-affected (0.4-3)
xenial_libmspack: not-affected (0.4-3)
yakkety_libmspack: not-affected (0.4-3)
zesty_libmspack: not-affected (0.4-3)
devel_libmspack: not-affected (0.4-3)
|