CVE-2005-2930

Published Oct 28, 2005

Last updated a day ago

CVSS info 5.1

Overview

Description: Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_lib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via a CHM file containing a long element, a different vulnerability than CVE-2005-3318.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.1
Impact score: 6.4
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:jed_wing:chm_lib:0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "303317F5-D6EB-4589-8787-11B04B1DDBDF"
          },
          {
            "criteria": "cpe:2.3:a:jed_wing:chm_lib:0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E9D4A53-DC65-4A30-82BA-E65C92029C67"
          },
          {
            "criteria": "cpe:2.3:a:jed_wing:chm_lib:0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C62A7D6-CB34-4E77-B6B3-7687527102B0"
          },
          {
            "criteria": "cpe:2.3:a:jed_wing:chm_lib:0.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73F0E0CA-52CD-4B4C-9719-8E73B1A97BBC"
          },
          {
            "criteria": "cpe:2.3:a:jed_wing:chm_lib:0.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65A9D566-02D8-4DBE-9007-4A275DF283F8"
          },
          {
            "criteria": "cpe:2.3:a:jed_wing:chm_lib:0.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A459D41D-BC74-4436-9ED2-401BDC174C9E"
          },
          {
            "criteria": "cpe:2.3:a:jed_wing:chm_lib:0.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57AA0405-EC8B-41A4-977D-32C221EE43AA"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References