What is CVE-2014-9732?

CVE-2014-9732 is a vulnerability in Libmspack_project Libmspack. Published 2015-06-11.

Is CVE-2014-9732 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Libmspack_project Libmspack

CVE-2014-9732

The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL po…

EPSS: 0.072 (93.5th percentile) — read the EPSS interpretation.

Affected products

Libmspack_project Libmspack
N/a — versions n/a

Public proof-of-concept exploits

mrash/afl-cve

References

cve@mitre.org (mailing-list, x_refsource_MLIST)
cve@mitre.org (x_refsource_CONFIRM, Exploit)
cve@mitre.org (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2014-9732?: CVE-2014-9732 is a vulnerability in Libmspack_project Libmspack. Published 2015-06-11.
Is CVE-2014-9732 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.