Off-by-one Error in CHM PMGI/PMGL Chunk Number Validity Checks Leading to Denial of Service

Off-by-one Error in CHM PMGI/PMGL Chunk Number Validity Checks Leading to Denial of Service

CVE-2018-14679 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).

Learn more about our Cis Benchmark Audit For Ibm I.