Lucene search
HistoryJun 11, 2015 - 2:59 p.m.
CVE-2015-4469
cve-2015-4469
chmd_read_headers
libmspack
denial of service
buffer over-read
application crash
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.3%
The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file.
Affected configurations
Node
libmspack_projectlibmspackRange≤0.4-3
| CPE | Name | Operator | Version |
|---|---|---|---|
| libmspack_project:libmspack | libmspack project libmspack | le | 0.4-3 |
Related
nvd
nvd
CVE-2015-4469
2015-06-11 14:59:04
cvelist
cvelist
CVE-2015-4469
2015-06-11 14:00:00
ubuntucve
ubuntucve
CVE-2015-4469
2015-06-11 00:00:00
debiancve
debiancve
CVE-2015-4469
2015-06-11 14:59:04
prion
prion
Design/Logic Flaw
2015-06-11 14:59:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:2215-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:0011-1)
2021-04-19 00:00:00
nessus
nessus
SUSE SLED11 / SLES11 Security Update : libmspack (SUSE-SU-2015:2215-1)
2015-12-09 00:00:00
SUSE SLED12 / SLES12 Security Update : libmspack (SUSE-SU-2016:0011-1)
2016-01-12 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.3%
Related for CVE-2015-4469