chmlib library memory corruption
Published:		28.01.2007
Source:		BUGTRAQ
SecurityVulns ID:		7118
Type:		library
Level:		6/10
Description:		Value from file is used directly in alloca() function call.

Affected:		CHMLIB : CHMlib 0.38
		XCHM : xchm 1.10
CVE:		CVE-2007-0619 (chmlib before 0.39 allows user-assisted remote attackers to execute arbitrary code via a crafted page block length in a CHM file, which triggers memory corruption.)

Original document

IDEFENSE, iDefense Security Advisory 01.26.07: Multiple Vendor libchm Page Block Length Memory Corruption Vulnerability (28.01.2007)

Discuss:

Read or add your comments to this news (0 comments)