Libmspack.cabd_sys_read_block.Off.By.One.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Libmspack Project libmspack library.
The vulnerability is a result of an improper handling of block alignment when processing CAB files, leading to an off by one byte error. It may allow a remote attacker to execute arbitrary code within the context of the application.
Affected Products
Libmspack Project libmspack prior to 0.8 alpha
Products using the vulnerable library, including:
Libmspack Project cabextract prior to 1.8
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch available from the vendor:
https://github.com/kyz/libmspack/commit/40ef1b4093d77ad3a5cfcee1f5cb6108b3a3bcc2
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |