Linux Distros Unpatched Vulnerability : CVE-2015-4467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The chmdinitdecomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which allows remote attackers to cause a denial of...

SUSE CVE-2015-4469

The chmdreadheaders function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted CHM file...

Microsoft Compiled HTML Help / Uncompiled .chm File XML External Entity Vulnerability

Microsoft Compiled HTML Help is Microsoft's proprietary online help formatting tool, consisting of a set of HTML pages, an index, and other navigation tools. An XML external entity injection vulnerability exists in the Microsoft Compiled HTML Help Uncompiled.chm file, which arises when the progra...

DEBIAN-CVE-2019-1010305

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

ALPINE-CVE-2019-1010305

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

ALPINE-CVE-2017-6419

mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted CHM file...

PT-2017-17056

Name of the Vulnerable Software and Affected Versions libmspack version 0.5alpha ClamAV version 0.99.2 Description The issue allows remote attackers to cause a denial of service, resulting in a heap-based buffer overflow and application crash, or possibly have other unspecified impacts. This is...

PT-2015-6598

Name of the Vulnerable Software and Affected Versions libmspack versions prior to 0.5 Description The issue concerns the chmd init decomp function in chmd.c, which does not properly validate the reset interval. This allows remote attackers to cause a denial of service, resulting in a divide-by-ze...

DEBIAN-CVE-2006-5295

Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service scanning service crash via a crafted Compressed HTML Help CHM file that causes ClamAV to "read an invalid memory location."...