CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

cabextract

libmspack

4 known vulnerabilities · sorted by CVSS score

CVE-2018-14681

HIGH8.8

An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.

cabextract / libmspack+15

Network

Published Jul 28, 2018

CVE-2018-14682

HIGH8.8

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.

cabextract / libmspack+15

Network

Published Jul 28, 2018

CVE-2018-14680

MEDIUM6.5

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.

cabextract / libmspack+15

Network

Published Jul 28, 2018

CVE-2018-14679

MEDIUM6.5

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).

cabextract / libmspack+16

Network

Published Jul 28, 2018