Libmspack
CVE-2017-6419
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
AnalysisAI
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file. Affected products include: Libmspack Project Libmspack.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of
libmspack 0.9.1alpha is affected by: Buffer Overflow. Rated medium severity (CVSS 5.5), this vulnerability is no authent
chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against a
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. Rated high severity (CVSS 8.8), this vulnerabilit
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Rated high severity (CVSS
Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a de
Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial o
The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certai
The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote att
Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remote attackers to caus
The chmd_init_decomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which all
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today