1. CVE-Search
  2. CVE-2005-3318
ID CVE-2005-3318
Summary Buffer overflow in the _chm_decompress_block function in CHM lib (chmlib) before 0.37, as used in products such as KchmViewer, allows attackers to execute arbitrary code, a different vulnerability than CVE-2005-2930.
References
Vulnerable Configurations
  • cpe:2.3:a:jed_wing:chm_lib:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:jed_wing:chm_lib:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:jed_wing:chm_lib:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:jed_wing:chm_lib:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:jed_wing:chm_lib:0.3:*:*:*:*:*:*:*
    cpe:2.3:a:jed_wing:chm_lib:0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:jed_wing:chm_lib:0.31:*:*:*:*:*:*:*
    cpe:2.3:a:jed_wing:chm_lib:0.31:*:*:*:*:*:*:*
  • cpe:2.3:a:jed_wing:chm_lib:0.32:*:*:*:*:*:*:*
    cpe:2.3:a:jed_wing:chm_lib:0.32:*:*:*:*:*:*:*
  • cpe:2.3:a:jed_wing:chm_lib:0.33:*:*:*:*:*:*:*
    cpe:2.3:a:jed_wing:chm_lib:0.33:*:*:*:*:*:*:*
  • cpe:2.3:a:jed_wing:chm_lib:0.35:*:*:*:*:*:*:*
    cpe:2.3:a:jed_wing:chm_lib:0.35:*:*:*:*:*:*:*
  • cpe:2.3:a:jed_wing:chm_lib:0.36:*:*:*:*:*:*:*
    cpe:2.3:a:jed_wing:chm_lib:0.36:*:*:*:*:*:*:*
CVSS
Base: 5.1 (as of 19-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:P/A:P
refmap via4
bid 15211
confirm http://morte.jedrea.com/~jedwin/projects/chmlib/
fulldisc 20051026 chmlib exploitable buffer overflow
gentoo GLSA-200511-23
misc http://www.sven-tantau.de/public_files/chmlib/chmlib_20051126.txt
osvdb 20335
secunia
  • 17325
  • 17480
  • 17775
  • 17776
suse SUSE-SR:2005:025
vupen ADV-2005-2207
xf chmlib-chmdecompressblock-bo(22885)
Last major update 19-07-2017 - 01:29
Published 27-10-2005 - 10:02
Last modified 19-07-2017 - 01:29
Back to Top