Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 111052

Summary: chmlib-0.35 buffer overflow vulnerability CAN-2005-2930
Product: Gentoo Security Reporter: Pavel Ruzicka <ruza>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.idefense.com/application/poi/display?id=332&type=vulnerabilities&flashstatus=true
Whiteboard:
Package list:
Runtime testing required: ---
Attachments:
Description Flags
bug should be solved in chmlib 0.36 none

Description Pavel Ruzicka 2005-10-31 12:53:31 UTC 
The vulnerability exists due to an unchecked memory copy while processing a CHM
file. Exploitation could allow attackers to execute arbitrary code with the
privileges of the user processing the CHM file.
Comment 1 Pavel Ruzicka 2005-10-31 12:57:32 UTC 
Created attachment 71818 [details]
bug should be solved in chmlib 0.36
Comment 2 Carsten Lohrke (RETIRED) gentoo-dev 2005-10-31 13:04:10 UTC 

*** This bug has been marked as a duplicate of 110557 ***