4 matches found
CVE-2005-2659
CVE-2005-2659 is a buffer overflow in the LZX decompression path of CHM Lib (chmlib) 0.35, used by KchmViewer. Root cause: overflow in LZX decompression. The impact and attack vectors are described as unknown in initial sources; later advisories (Debian DSA-886-1 and related OpenVAS entries) refe...
CVE-2005-3318
CVE-2005-3318 is a buffer overflow in CHMLIB’s _chm_decompress_block() used by chmlib (e.g., in KchmViewer). The vulnerability allows an attacker to execute arbitrary code by processing specially crafted CHM ITSS/CHM content. The issue is associated with CHMLIB versions before 0.37, and multiple ...
CVE-2005-2930
Summary: CVE-2005-2930 is a stack-based buffer overflow in chmlib’s _chm_find_in_PMGL, affecting chmlib and apps like KchmViewer. Exploitation could allow arbitrary code execution via crafted CHM files. The vulnerability is documented alongside CVE-2005-2659 and CVE-2005-3318 by Debian and Gentoo...
CVE-2006-3178
CVE-2006-3178 affects CHM Lib (chmlib) prior to version 0.38. A directory traversal vulnerability in the extract_chmLib example/program allows an attacker to overwrite arbitrary files by including files with a “..” in a CHM archive filename. Public references describe Debian (DSA-1144-1) updates ...