Lucene search

Cabextract Security Vulnerabilities

cve

CVE-2018-14679

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).

6.5CVSS

7.1AI Score

0.009EPSS

2018-07-28 11:29 PM

206

cve

CVE-2018-14680

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.

6.5CVSS

7.3AI Score

0.006EPSS

2018-07-28 11:29 PM

140

cve

CVE-2018-14681

An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.

8.8CVSS

7.3AI Score

0.005EPSS

2018-07-28 11:29 PM

207

cve

CVE-2018-14682

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.

8.8CVSS

7.4AI Score

0.006EPSS

2018-07-28 11:29 PM

201