Lucene search
HistoryJun 11, 2015 - 2:59 p.m.
CVE-2015-4467
security
cve-2015-4467
chmd_init_decomp
libmspack
denial of service
nvd
vulnerability
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.0%
The chmd_init_decomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted CHM file.
Affected configurations
Node
libmspack_projectlibmspackRange≤0.4-3
| CPE | Name | Operator | Version |
|---|---|---|---|
| libmspack_project:libmspack | libmspack project libmspack | le | 0.4-3 |
Related
cvelist
cvelist
CVE-2015-4467
2015-06-11 14:00:00
nvd
nvd
CVE-2015-4467
2015-06-11 14:59:01
debiancve
debiancve
CVE-2015-4467
2015-06-11 14:59:01
ubuntucve
ubuntucve
CVE-2015-4467
2015-06-11 00:00:00
prion
prion
Design/Logic Flaw
2015-06-11 14:59:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:2215-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:0011-1)
2021-04-19 00:00:00
nessus
nessus
SUSE SLED11 / SLES11 Security Update : libmspack (SUSE-SU-2015:2215-1)
2015-12-09 00:00:00
SUSE SLED12 / SLES12 Security Update : libmspack (SUSE-SU-2016:0011-1)
2016-01-12 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.0%
Related for CVE-2015-4467