libmspack
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | A library for Microsoft compression formats |
| Version | 1:1.11-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-603 | 0.5alpha-1 | 1:0.6alpha-1 | Critical | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2017-11423 | AVG-603 | Medium | Yes | Denial of service | The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.4 and other products, allows remote attackers to cause... |
| CVE-2017-6419 | AVG-603 | Critical | Yes | Arbitrary code execution | mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.4, allows remote attackers to cause a denial of service (heap-based buffer overflow and... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 20 Feb 2018 | ASA-201802-9 | AVG-603 | Critical | multiple issues |