Vulnerability Description
Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_lib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via a CHM file containing a long element, a different vulnerability than CVE-2005-3318.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jed Wing | Chm Lib | 0.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/17775PatchVendor Advisory
- http://securityreason.com/securityalert/125
- http://securitytracker.com/id?1015120PatchVendor Advisory
- http://www.idefense.com/application/poi/display?id=332&type=vulnerabilitiesPatchVendor Advisory
- http://www.securityfocus.com/bid/15234Patch
- http://www.vupen.com/english/advisories/2005/2249Vendor Advisory
- http://secunia.com/advisories/17775PatchVendor Advisory
- http://securityreason.com/securityalert/125
- http://securitytracker.com/id?1015120PatchVendor Advisory
- http://www.idefense.com/application/poi/display?id=332&type=vulnerabilitiesPatchVendor Advisory
- http://www.securityfocus.com/bid/15234Patch
- http://www.vupen.com/english/advisories/2005/2249Vendor Advisory
FAQ
What is CVE-2005-2930?
CVE-2005-2930 is a vulnerability with a CVSS score of 5.1 (MEDIUM). Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_lib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via ...
How severe is CVE-2005-2930?
CVE-2005-2930 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2930?
Check the references section above for vendor advisories and patch information. Affected products include: Jed Wing Chm Lib.