Unrated severityNVD Advisory· Published Jul 15, 2019· Updated Aug 5, 2024
CVE-2019-1010305
CVE-2019-1010305
Description
libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d.
Affected products
8- osv-coords7 versionspkg:rpm/almalinux/libmspackpkg:rpm/almalinux/libmspack-develpkg:rpm/opensuse/libmspack&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/libmspack&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/libmspack&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/libmspack&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/libmspack&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 0.7-0.3.alpha.el8.4+ 6 more
- (no CPE)range: < 0.7-0.3.alpha.el8.4
- (no CPE)range: < 0.7-0.3.alpha.el8.4
- (no CPE)range: < 0.6-lp151.4.3.1
- (no CPE)range: < 0.6-3.8.19
- (no CPE)range: < 0.4-15.7.1
- (no CPE)range: < 0.4-15.7.1
- (no CPE)range: < 0.4-15.7.1
- libmspack/libmspackv5Range: 0.9.1alpha [fixed: after commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d]
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IXWNEY4CJBLPRKV6LG7FQUPD6WVZYBTB/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2QJTUAGP22YY7453MHGTFN4YQE5HJBR/mitrevendor-advisoryx_refsource_FEDORA
- usn.ubuntu.com/4066-1/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/4066-2/mitrevendor-advisoryx_refsource_UBUNTU
- github.com/kyz/libmspack/commit/2f084136cfe0d05e5bf5703f3e83c6d955234b4dmitrex_refsource_MISC
- github.com/kyz/libmspack/issues/27mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2019/08/msg00028.htmlmitremailing-listx_refsource_MLIST
- lists.debian.org/debian-lts-announce/2021/10/msg00033.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.