rpm package
opensuse/httrack&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/httrack&distro=openSUSE%20Tumbleweed
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-0160 | Hig | 7.5 | KEV | < 3.48.22-1.3 | 3.48.22-1.3 | Apr 7, 2014 | The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by re |
| CVE-2010-5252 | — | < 3.48.22-1.3 | 3.48.22-1.3 | Sep 7, 2012 | Untrusted search path vulnerability in HTTrack 3.43-9 allows local users to gain privileges via a Trojan horse httrack-plugin.dll file in the current working directory, as demonstrated by a directory that contains a .whtt file. NOTE: some of these details are obtained from third | ||
| CVE-2005-2096 | — | < 3.48.22-1.3 | 3.48.22-1.3 | Jul 6, 2005 | zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file. | ||
| CVE-2004-0797 | — | < 3.48.22-1.3 | 3.48.22-1.3 | Oct 20, 2004 | The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash). |
- affected < 3.48.22-1.3fixed 3.48.22-1.3
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by re
- CVE-2010-5252Sep 7, 2012affected < 3.48.22-1.3fixed 3.48.22-1.3
Untrusted search path vulnerability in HTTrack 3.43-9 allows local users to gain privileges via a Trojan horse httrack-plugin.dll file in the current working directory, as demonstrated by a directory that contains a .whtt file. NOTE: some of these details are obtained from third
- CVE-2005-2096Jul 6, 2005affected < 3.48.22-1.3fixed 3.48.22-1.3
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
- CVE-2004-0797Oct 20, 2004affected < 3.48.22-1.3fixed 3.48.22-1.3
The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash).