Max CVSS 6.8 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-18584 4.3
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
12-05-2021 - 20:52 23-10-2018 - 02:29
CVE-2018-14682 6.8
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.
26-04-2021 - 11:45 28-07-2018 - 23:29
CVE-2018-14681 6.8
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.
26-04-2021 - 11:45 28-07-2018 - 23:29
CVE-2018-14680 4.3
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.
26-04-2021 - 11:45 28-07-2018 - 23:29
CVE-2018-14679 4.3
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).
26-04-2021 - 11:45 28-07-2018 - 23:29
CVE-2018-18585 4.3
chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).
06-08-2019 - 17:15 23-10-2018 - 02:29
CVE-2018-18586 5.0
** DISPUTED ** chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a l
03-04-2019 - 12:32 23-10-2018 - 02:29
Back to Top Mark selected
Back to Top