Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2930

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-2930
Last Modified 02 Aug 2011 12:00:00
Published 28 Oct 2005 05:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-2930

Summary

Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_lib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via a CHM file containing a long element, a different vulnerability than CVE-2005-3318.

Vulnerable Systems

Application

  • Jed Wing Chm Lib 0.1

  • Jed Wing Chm Lib 0.2

  • Jed Wing Chm Lib 0.3

  • Jed Wing Chm Lib 0.31

  • Jed Wing Chm Lib 0.32

  • Jed Wing Chm Lib 0.33

  • Jed Wing Chm Lib 0.35


References

BID - 15234

IDEFENSE - 20051028 Multiple Vendor chmlib CHM File Handling Buffer Overflow Vulnerability

SECTRACK - 1015120

SECUNIA - 17775

VUPEN - ADV-2005-2249

SREASON - 125


Last Updated: 27 May 2016 10:40:40