Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2017-6419
Description:mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
Test IDs: 1.3.6.1.4.1.25623.1.0.703946   1.3.6.1.4.1.25623.1.0.873451   1.3.6.1.4.1.25623.1.0.843291   1.3.6.1.4.1.25623.1.0.873490   1.3.6.1.4.1.25623.1.0.851691   1.3.6.1.4.1.25623.1.0.891279   1.3.6.1.4.1.25623.1.1.2.2019.2609   1.3.6.1.4.1.25623.1.1.2.2019.2534   1.3.6.1.4.1.25623.1.1.2.2019.2454   1.3.6.1.4.1.25623.1.1.4.2018.0254.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-6419
Debian Security Information: DSA-3946 (Google Search)
http://www.debian.org/security/2017/dsa-3946
https://security.gentoo.org/glsa/201804-16
https://bugzilla.clamav.net/show_bug.cgi?id=11701
https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_chm_crash.md
https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1
https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html




© 1998-2024 E-Soft Inc. All rights reserved.