Libmspack
CVEs (10)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-6419 | Hig | 0.51 | 7.8 | 0.02 | Aug 7, 2017 | mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file. | |
| CVE-2017-11423 | Med | 0.36 | 5.5 | 0.03 | Jul 18, 2017 | The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file. | |
| CVE-2015-4472 | 0.00 | — | 0.00 | Jun 11, 2015 | Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CHM file. | ||
| CVE-2015-4471 | 0.00 | — | 0.01 | Jun 11, 2015 | Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive. | ||
| CVE-2015-4470 | 0.00 | — | 0.00 | Jun 11, 2015 | Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive. | ||
| CVE-2015-4469 | 0.00 | — | 0.00 | Jun 11, 2015 | The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file. | ||
| CVE-2015-4468 | 0.00 | — | 0.00 | Jun 11, 2015 | Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file. | ||
| CVE-2015-4467 | 0.00 | — | 0.00 | Jun 11, 2015 | The chmd_init_decomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted CHM file. | ||
| CVE-2014-9732 | 0.00 | — | 0.00 | Jun 11, 2015 | The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB archive. | ||
| CVE-2014-9556 | 0.00 | — | 0.01 | Feb 3, 2015 | Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop. |
- risk 0.51cvss 7.8epss 0.02
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
- risk 0.36cvss 5.5epss 0.03
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.
- CVE-2015-4472Jun 11, 2015risk 0.00cvss —epss 0.00
Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CHM file.
- CVE-2015-4471Jun 11, 2015risk 0.00cvss —epss 0.01
Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive.
- CVE-2015-4470Jun 11, 2015risk 0.00cvss —epss 0.00
Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.
- CVE-2015-4469Jun 11, 2015risk 0.00cvss —epss 0.00
The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file.
- CVE-2015-4468Jun 11, 2015risk 0.00cvss —epss 0.00
Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file.
- CVE-2015-4467Jun 11, 2015risk 0.00cvss —epss 0.00
The chmd_init_decomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted CHM file.
- CVE-2014-9732Jun 11, 2015risk 0.00cvss —epss 0.00
The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB archive.
- CVE-2014-9556Feb 3, 2015risk 0.00cvss —epss 0.01
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.