AVG-603 log
| Package | libmspack |
| Status | Fixed |
| Severity | Critical |
| Type | multiple issues |
| Affected | 0.5alpha-1 |
| Fixed | 1:0.6alpha-1 |
| Current | 1:1.11-1 [extra] |
| Ticket | None |
| Created | Wed Jan 31 10:33:50 2018 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-11423 | Medium | Yes | Denial of service | The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.4 and other products, allows remote attackers to cause... |
| CVE-2017-6419 | Critical | Yes | Arbitrary code execution | mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.4, allows remote attackers to cause a denial of service (heap-based buffer overflow and... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 20 Feb 2018 | ASA-201802-9 | libmspack | multiple issues |