First published: Thu Jun 11 2015(Updated: )
The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Libmspack Project Libmspack | <=0.4-3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.