CVE-2015-4469

2015-06-11T00:00:00
ID UB:CVE-2015-4469
Type ubuntucve
Reporter ubuntu.com
Modified 2015-06-11T00:00:00

Description

The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file.

Bugs

  • <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774726>