An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-193,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| cabextract | libmspack | 0.3 |
| cabextract | libmspack | 0.5 |
| redhat | enterprise_linux_server | 7.0 |
| debian | debian_linux | 9.0 |
| cabextract_project | cabextract | * |
| canonical | ubuntu_linux | 18.04 |
| debian | debian_linux | 8.0 |
| cabextract | libmspack | 0.6 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | ansible_tower | 3.3 |
| cabextract | libmspack | 0.0.20060920 |
| cabextract | libmspack | 0.4 |
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| cabextract | libmspack | 0.3 |
| cabextract | libmspack | 0.5 |
| redhat | enterprise_linux_server | 7.0 |
| debian | debian_linux | 9.0 |
| cabextract_project | cabextract | * |
| canonical | ubuntu_linux | 18.04 |
| debian | debian_linux | 8.0 |
| cabextract | libmspack | 0.6 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | ansible_tower | 3.3 |
| cabextract | libmspack | 0.0.20060920 |
| cabextract | libmspack | 0.4 |
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| cabextract | libmspack | 0.3 |
| cabextract | libmspack | 0.5 |
| redhat | enterprise_linux_server | 7.0 |
| debian | debian_linux | 9.0 |
| cabextract_project | cabextract | * |
| canonical | ubuntu_linux | 18.04 |
| debian | debian_linux | 8.0 |
| cabextract | libmspack | 0.6 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | ansible_tower | 3.3 |
| cabextract | libmspack | 0.0.20060920 |
| cabextract | libmspack | 0.4 |
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-193,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| cabextract | libmspack | 0.3 |
| cabextract | libmspack | 0.5 |
| redhat | enterprise_linux_server | 7.0 |
| debian | debian_linux | 9.0 |
| cabextract_project | cabextract | * |
| canonical | ubuntu_linux | 18.04 |
| debian | debian_linux | 8.0 |
| cabextract | libmspack | 0.6 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | ansible_tower | 3.3 |
| cabextract | libmspack | 0.0.20060920 |
| cabextract | libmspack | 0.4 |