FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libmspack -- frame_end overflow which could cause infinite loop

Affected packages
libmspack < 0.5
cabextract < 1.5

Details

VuXML ID cc7548ef-06e1-11e5-8fda-002590263bf5
Discovery 2014-12-11
Entry 2015-05-31

There is a denial of service vulnerability in libmspack. The libmspack code is built into cabextract, so it is also vulnerable.

MITRE reports:

Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.

References

CVE Name CVE-2014-9556
Message http://www.openwall.com/lists/oss-security/2015/01/07/2
URL https://bugs.debian.org/773041