Libmspack

libmspack

Vendor: Cabextract • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-14682 5Cabextract Cabextract ProjectCanonical+2 more 8Ansible Tower CabextractDebian Linux+5 more Nov 21, 2024 Jul 28, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.
CVE-2018-14681 5Cabextract Cabextract ProjectCanonical+2 more 8Ansible Tower CabextractDebian Linux+5 more Nov 21, 2024 Jul 28, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.
CVE-2018-14680 5Cabextract Cabextract ProjectCanonical+2 more 8Ansible Tower CabextractDebian Linux+5 more Nov 21, 2024 Jul 28, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.
CVE-2018-14679 5Cabextract Cabextract ProjectCanonical+2 more 8Ansible Tower CabextractDebian Linux+5 more Nov 21, 2024 Jul 28, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference...Show more An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).Show less