MidnightBSD

Advisories for kyzer

CVE-2018-18585 MEDIUM

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
suse linux_enterprise_server 12
redhat enterprise_linux_workstation 7.0
suse linux_enterprise_server 11
canonical ubuntu_linux 18.10
kyzer libmspack 0.4
debian debian_linux 8.0
kyzer libmspack 0.6
kyzer libmspack 0.7
canonical ubuntu_linux 18.04
kyzer libmspack 0.3
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
starwindsoftware starwind_virtual_san -
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
kyzer libmspack 0.5
CVE-2018-18586 MEDIUM

chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
kyzer libmspack 0.4
kyzer libmspack 0.6
kyzer libmspack 0.7
kyzer libmspack 0.3
kyzer libmspack 0.5
CVE-2019-1010305 MEDIUM

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
fedoraproject fedora 29
canonical ubuntu_linux 14.04
debian debian_linux 9.0
fedoraproject fedora 30
debian debian_linux 8.0
canonical ubuntu_linux 18.04
kyzer libmspack 0.9.1
canonical ubuntu_linux 16.04