Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libmspack | Libmspack_project | * | 0.4-3 (including) |
Cabextract | Ubuntu | trusty | * |
Cabextract | Ubuntu | trusty/esm | * |
Cabextract | Ubuntu | upstream | * |
Libmspack | Ubuntu | trusty | * |
Libmspack | Ubuntu | trusty/esm | * |
Libmspack | Ubuntu | upstream | * |
Libmspack | Ubuntu | utopic | * |