Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2015-4646

Published: 13/04/2017 Updated: 24/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Squashfs

Vulnerability Summary

(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote malicious users to cause a denial of service (application crash) via a crafted input.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

squashfs project squashfs

Vendor Advisories

Debian CVElist Bug Report Logs: squashfs-tools: CVE-2015-4645
Debian Bug report logs - #793467 squashfs-tools: CVE-2015-4645 Package: src:squashfs-tools; Maintainer for src:squashfs-tools is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Romeo Papa <romeopapa@caramailcom> Date: Fri, 24 Jul 2015 10:12:02 UTC Severity: normal Tags: security, upstream Found in version s ...
Debian CVElist Bug Report Logs: squashfs-tools: CVE-2015-4646
Debian Bug report logs - #793468 squashfs-tools: CVE-2015-4646 Package: src:squashfs-tools; Maintainer for src:squashfs-tools is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Romeo Papa <romeopapa@caramailcom> Date: Fri, 24 Jul 2015 10:15:01 UTC Severity: normal Tags: patch, security, upstream Found in ve ...
Amazon Linux 2: ALAS2-2023-2152
Integer overflow in the read_fragment_table_4 function in unsquash-4c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow (CVE-2015-4645) (1) unsquash-1c, (2) unsquash-2c, (3) unsquash-3c, and (4) unsquash-4c in Squashfs and sasqua ...
Red Hat: CVE-2015-4646
(1) unsquash-1c, (2) unsquash-2c, (3) unsquash-3c, and (4) unsquash-4c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input ...

References

CWE-20http://www.securityfocus.com/bid/75272http://seclists.org/oss-sec/2015/q2/756https://security.gentoo.org/glsa/201701-73https://github.com/plougher/squashfs-tools/commit/f95864afe8833fe3ad782d714b41378e860977b1https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793467https://alas.aws.amazon.com/AL2/ALAS-2023-2152.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook