111052 – chmlib-0.35 buffer overflow vulnerability CAN-2005-2930

Bug 111052 - chmlib-0.35 buffer overflow vulnerability CAN-2005-2930

Summary: chmlib-0.35 buffer overflow vulnerability CAN-2005-2930

Status:	RESOLVED DUPLICATE of bug 110557

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://www.idefense.com/application/p...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2005-10-31 12:53 UTC by Pavel Ruzicka
Modified:	2005-10-31 13:04 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
bug should be solved in chmlib 0.36 (chmlib-0.36.ebuild,1.73 KB, text/plain) 2005-10-31 12:57 UTC, Pavel Ruzicka	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Pavel Ruzicka 2005-10-31 12:53:31 UTC

The vulnerability exists due to an unchecked memory copy while processing a CHM
file. Exploitation could allow attackers to execute arbitrary code with the
privileges of the user processing the CHM file.

Comment 1 Pavel Ruzicka 2005-10-31 12:57:32 UTC

Created attachment 71818 [details]
bug should be solved in chmlib 0.36

Comment 2 Carsten Lohrke (RETIRED) gentoo-dev

2005-10-31 13:04:10 UTC


*** This bug has been marked as a duplicate of 110557 ***