CVE-2015-4469

Published: Jun 11, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20150203 Possible CVE Requests: libmspack: several issues

mailing-list

x_refsource_MLIST

http://anonscm.debian.org/cgit/collab-maint/libmspack.git/diff/debian/patches/fix-name-field-boundaries.patch?id=a25bb144795e526748b57884daf365732c7e2295

x_refsource_CONFIRM

https://bugs.debian.org/774726

x_refsource_CONFIRM

72486

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-4469

Description

Affected Products

References