Kyzer Kyzer

  1. Vendors
  2. Kyzer
Do you want an email whenever new security vulnerabilities are reported in any Kyzer product?

Products by Kyzer Sorted by Most Security Vulnerabilities since 2018

Kyzer Libmspack3 vulnerabilities

Kyzer Cabextract1 vulnerability

Kyzer Limbspack1 vulnerability

By the Year

In 2024 there have been 0 vulnerabilities in Kyzer . Kyzer did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 1 5.50
2018 3 5.37

It may take a day or so for new Kyzer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Kyzer Security Vulnerabilities

libmspack 0.9.1alpha is affected by: Buffer Overflow

CVE-2019-1010305 5.5 - Medium - July 15, 2019

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d.

Buffer Overflow

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8

CVE-2018-18584 6.5 - Medium - October 23, 2018

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

Memory Corruption

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename

CVE-2018-18585 4.3 - Medium - October 23, 2018

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

NULL Pointer Dereference

chmextract.c in the chmextract sample program

CVE-2018-18586 5.3 - Medium - October 23, 2018

chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application

Directory traversal

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.