Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libmspack vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2018-18586
chmextract.c in the chmextract sample program, as distributed with libmspack prior to 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract....
Kyzer Libmspack 0.7
Kyzer Libmspack 0.6
Kyzer Libmspack 0.5
Kyzer Libmspack 0.4
Kyzer Libmspack 0.3
NA
CVE-2014-9732
The cabd_extract function in cabd.c in libmspack prior to 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application...
Libmspack Project Libmspack
NA
CVE-2015-4468
Multiple integer overflows in the search_chunk function in chmd.c in libmspack prior to 0.5 allow remote malicious users to cause a denial of service (buffer over-read and application crash) via a crafted CHM file.
Libmspack Project Libmspack
NA
CVE-2015-4469
The chmd_read_headers function in chmd.c in libmspack prior to 0.5 does not validate name lengths, which allows remote malicious users to cause a denial of service (buffer over-read and application crash) via a crafted CHM file.
Libmspack Project Libmspack
NA
CVE-2015-4471
Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack prior to 0.5 allows remote malicious users to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive.
Libmspack Project Libmspack
NA
CVE-2015-4472
Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack prior to 0.5 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CHM file.
Libmspack Project Libmspack
NA
CVE-2015-4467
The chmd_init_decomp function in chmd.c in libmspack prior to 0.5 does not properly validate the reset interval, which allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted CHM file.
Libmspack Project Libmspack
NA
CVE-2015-4470
Off-by-one error in the inflate function in mszipd.c in libmspack prior to 0.5 allows remote malicious users to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.
Libmspack Project Libmspack
6.5
CVSSv3
CVE-2018-18584
In mspack/cab.h in libmspack prior to 0.8alpha and cabextract prior to 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
Libmspack Project Libmspack 0.5
Cabextract Project Cabextract
Libmspack Project Libmspack 0.4
Libmspack Project Libmspack 0.3
Libmspack Project Libmspack 0.6
Libmspack Project Libmspack 0.7
Libmspack Project Libmspack 0.7.1
Debian Debian Linux 8.0
Redhat Enterprise Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 12
Starwindsoftware Starwind Virtual San -
NA
CVE-2014-9556
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote malicious users to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.
Libmspack Project Libmspack 0.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »