7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.114 Low
EPSS
Percentile
95.2%
BGA32.DLL is a compression/decompression library for gza and bza-format files. BGA32.DLL contains multiple vulnerabilities (including a buffer overflow) because it utilizes vulnerable zlib and bzip2 libraries.
QBga32.DLL, which is a wrapper of BGA32.DLL, is also affected.
Decompressing a specially crafted file may result in denial-of-service (DoS) or arbitrary code execution.
Use the latest version of QBga32.DLL
These vulnerabilities have been addressed in QBga32.DLL version 0.05.
Do not use BGA32.DLL
BGA32.DLL is no longer being developed or maintained. It is recommended to stop using BGA32.DLL.