libmspack: Multiple vulnerabilities (CVE-2017-6419, CVE-2017-11423)
CVE-2017-6419: heap-based buffer overflow in mspack/lzxd.c
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2,
allows
remote attackers to cause a denial of service (heap-based buffer
overflow and application crash) or possibly have unspecified other
impact via a crafted CHM file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-6419
Patch:
https://github.com/kyz/libmspack/commit/6139a0b9e93fcb7fcf423e56aa825bc869e02229
CVE-2017-11423: Stack-based buffer over-read in cabd_read_string function
The cabd_read_string function in mspack/cabd.c in libmspack
0.5alpha,
as used in ClamAV 0.99.2 and other products, allows remote attackers
to
cause a denial of service (stack-based buffer over-read and
application
crash) via a crafted CAB file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-11423
Patch:
https://github.com/kyz/libmspack/commit/17038206fcc384dcee6dd9e3a75f08fd3ddc6a38
(from redmine: issue id 7755, created on 2017-08-25, closed on 2017-08-28)
- Relations:
- child #7756 (closed)
- child #7757 (closed)
- child #7758 (closed)
- child #7759 (closed)
- child #7760 (closed)