Integer signedness error in the Quantum decompressor in cabextract prior to 1.3, when archive test mode is used, allows user-assisted remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cabextract project cabextract 1.1 |
||
cabextract project cabextract 1.0 |
||
cabextract project cabextract 0.6 |
||
cabextract project cabextract 0.5 |
||
cabextract project cabextract |
||
cabextract project cabextract 0.2 |
||
cabextract project cabextract 0.1 |
||
cabextract project cabextract 0.4 |
||
cabextract project cabextract 0.3 |