Lucene search
K

46 matches found

Prion
Prion
added 2018/07/28 11:29 p.m.26 views

Design/Logic Flaw

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service uninitialized data dereference and application crash...

4.3CVSS6.9AI score0.03312EPSS
Exploits0References13Affected Software8
OSV
OSV
added 2018/07/28 11:29 p.m.0 views

DEBIAN-CVE-2018-14679

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service uninitialized data dereference and application crash...

6.5CVSS6.6AI score0.03312EPSS
Exploits0References1
OSV
OSV
added 2018/07/28 11:29 p.m.26 views

CVE-2018-14682

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression...

8.8CVSS8.7AI score
Exploits0References13
OSV
OSV
added 2018/07/28 11:29 p.m.29 views

CVE-2018-14679

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service uninitialized data dereference and application crash...

6.5CVSS8.4AI score
Exploits0References13
CVE
CVE
added 2018/07/28 11:0 p.m.193 views

CVE-2018-14680

CVE-2018-14680 affects libmspack (mspack/chmd.c) prior to 0.7alpha. The vulnerability arises because CHM decompression does not reject blank CHM filenames, enabling an input that could lead to a partial impact on availability (per CVSS metrics). The issue is documented as an off-by-one/invalid-da...

6.5CVSS7.3AI score0.03753EPSS
Exploits0References13Affected Software2
CVE
CVE
added 2018/07/28 11:0 p.m.272 views

CVE-2018-14679

CVE-2018-14679 affects libmspack (mspack/chmd.c) with an off-by-one error in CHM PMGI/PMGL chunk number validation, reported to cause a denial of service through an uninitialized data dereference and crash when using versions before 0.7alpha. Connected advisories (ALAS-2019-1152, RH/CentOS errata...

6.5CVSS7.1AI score0.03312EPSS
Exploits0References13Affected Software2
Cvelist
Cvelist
added 2018/07/28 11:0 p.m.24 views

CVE-2018-14680

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames...

7.5AI score0.03753EPSS
Exploits0References13
Cvelist
Cvelist
added 2018/07/28 11:0 p.m.25 views

CVE-2018-14679

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service uninitialized data dereference and application crash...

7.2AI score0.03312EPSS
Exploits0References13
AlpineLinux
AlpineLinux
added 2018/07/28 11:0 p.m.35 views

CVE-2018-14681

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

8.8CVSS7.7AI score0.03806EPSS
Exploits0
CVE
CVE
added 2018/07/28 11:0 p.m.249 views

CVE-2018-14682

CVE-2018-14682 affects libmspack (CHM decompression) with an off-by-one error in the TOLOWER() macro in mspack/chmd.c (pre-0.7alpha). Related advisories note additional CHM/CHM-related issues (14679, 14680) and KWAD header issues (14681). Affected: libmspack; potential impact described in advisor...

8.8CVSS7.4AI score0.03806EPSS
Exploits0References13Affected Software2
AlpineLinux
AlpineLinux
added 2018/07/28 11:0 p.m.44 views

CVE-2018-14682

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression...

8.8CVSS7.8AI score0.03806EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/07/28 11:0 p.m.22 views

CVE-2018-14681

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

8.8CVSS7.1AI score0.03806EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2018/07/28 12:0 a.m.24 views

CVE-2018-14681

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

8.8CVSS6.8AI score0.03806EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2018/07/28 12:0 a.m.28 views

CVE-2018-14682

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression...

8.8CVSS6.8AI score0.03806EPSS
Exploits0References7
OSV
OSV
added 2018/07/28 12:0 a.m.3 views

UBUNTU-CVE-2018-14680

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames...

6.5CVSS6.7AI score0.03753EPSS
Exploits0References8
OSV
OSV
added 2018/07/28 12:0 a.m.3 views

UBUNTU-CVE-2018-14681

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

8.8CVSS6.7AI score0.03806EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/03/27 12:0 a.m.36 views

SUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2018:0809-1)

This update for clamav fixes the following issues: Security issues fixed : - CVE-2012-6706: VMSFDELTA filter inside the unrar implementation allows an arbitrary memory write bsc1045315. - CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted C...

10CVSS7.3AI score0.10027EPSS
Exploits4References16
RedhatCVE
RedhatCVE
added 2017/08/22 12:49 p.m.23 views

CVE-2017-6419

mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted CHM file...

7.8CVSS6.4AI score0.01976EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/08/07 3:0 a.m.34 views

CVE-2017-6419

mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted CHM file...

7.8CVSS8.5AI score0.01976EPSS
Exploits0
NVD
NVD
added 2017/07/18 8:29 p.m.21 views

CVE-2017-11423

The cabdreadstring function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted CAB file...

5.5CVSS5.1AI score0.02067EPSS
Exploits0References5
Rows per page
Query Builder