Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A library for Microsoft compression formats
Version 1:1.11-1 [extra]


Group Affected Fixed Severity Status Ticket
AVG-603 0.5alpha-1 1:0.6alpha-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2017-11423 AVG-603 Medium Yes Denial of service
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.4  and other products, allows remote attackers to cause...
CVE-2017-6419 AVG-603 Critical Yes Arbitrary code execution
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.4, allows remote attackers to cause a denial of service (heap-based buffer overflow and...


Date Advisory Group Severity Type
20 Feb 2018 ASA-201802-9 AVG-603 Critical multiple issues