Vulnerability Details CVE-2015-4470
Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.2%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2015-4470
-
cpe:2.3:a:libmspack_project:libmspack:0.3
-
cpe:2.3:a:libmspack_project:libmspack:0.4
-
cpe:2.3:a:libmspack_project:libmspack:0.4-3