CVE Vulnerabilities

CVE-2018-14679

Off-by-one Error

Published: Jul 28, 2018 | Modified: Apr 26, 2021
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
4 LOW
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Ubuntu
MEDIUM

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).

Weakness

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

Affected Software

Name Vendor Start Version End Version
Libmspack Cabextract 0.0.20060920-alpha (including) 0.0.20060920-alpha (including)
Libmspack Cabextract 0.3-alpha (including) 0.3-alpha (including)
Libmspack Cabextract 0.4-alpha (including) 0.4-alpha (including)
Libmspack Cabextract 0.5-alpha (including) 0.5-alpha (including)
Libmspack Cabextract 0.6-alpha (including) 0.6-alpha (including)
Cabextract Cabextract_project * 1.5 (including)
Red Hat Enterprise Linux 7 RedHat libmspack-0:0.5-0.6.alpha.el7 *
Clamav Ubuntu trusty *
Libmspack Ubuntu bionic *
Libmspack Ubuntu esm-infra-legacy/trusty *
Libmspack Ubuntu trusty *
Libmspack Ubuntu trusty/esm *
Libmspack Ubuntu upstream *
Libmspack Ubuntu xenial *

Potential Mitigations

References