Description
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.
Scores
CVSS v3
8.8
EPSS
0.0443
EPSS Percentile
89.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-193
Status
published
Products (16)
cabextract/libmspack
0.0.20060920 alpha
cabextract/libmspack
0.3 alpha
cabextract/libmspack
0.4 alpha
cabextract/libmspack
0.5 alpha
cabextract/libmspack
0.6 alpha
cabextract_project/cabextract
< 1.5
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
18.04
... and 6 more
Published
Jul 28, 2018
Tracked Since
Feb 18, 2026