oss-sec mailing list archives

Possible CVE Requests: libmspack: several issues

From: Salvatore Bonaccorso <carnil () debian org>
Date: Tue, 3 Feb 2015 16:52:05 +0100

Hi

Several issues with the libmspack library were reported recently in
the Debian bugtracker by Jakub Wilk. An (older) copy of libmspack is
also embedded in ClamAV (not verified if this version is also affected
by these issues).

The reported bugs are the following:

null pointer dereference on a crafted CAB:
 - https://bugs.debian.org/774665

CHM decompression: division by zero
 - https://bugs.debian.org/774725

CHM decompression: pointer arithmetic overflow
 - https://bugs.debian.org/774726

off-by-one buffer over-read in mspack/mszipd.c
 - https://bugs.debian.org/775498

off-by-one buffer under-read in mspack/lzxd.c
 - https://bugs.debian.org/775499

CHM decompression: another pointer arithmetic overflow
 - https://bugs.debian.org/775687

Could CVEs be assigned for these issues?

Regards,
Salvatore

Current thread:

Possible CVE Requests: libmspack: several issues Salvatore Bonaccorso (Feb 03)
- Re: Possible CVE Requests: libmspack: several issues Hanno Böck (Feb 03)
- Re: Possible CVE Requests: libmspack: several issues Moritz Mühlenhoff (Feb 22)
  - Re: Possible CVE Requests: libmspack: several issues Salvatore Bonaccorso (Mar 03)