Gentoo FoundationGLSA-200702-12CHMlib: User-assisted remote execution of arbitrary code
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.062 Low
EPSS
Percentile
93.6%
Background
CHMlib is a library for the MS CHM (Compressed HTML) file format plus extracting and HTTP server utils.
Description
When certain CHM files that contain tables and objects stored in pages are parsed by CHMlib, an unsanitized value is passed to the alloca() function resulting in a shift of the stack pointer to arbitrary memory locations.
Impact
An attacker could entice a user to open a specially crafted CHM file, resulting in the execution of arbitrary code with the permissions of the user viewing the file.
Workaround
There is no known workaround at this time.
Resolution
All CHMlib users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/chmlib-0.39"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | dev-libs/chmlib | < 0.39 | UNKNOWN |
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.062 Low
EPSS
Percentile
93.6%