JVNDB-2015-000066

BGA32.DLL is a compression/decompression library for gza and bza-format files. BGA32.DLL contains multiple vulnerabilities (including a buffer overflow) because it utilizes vulnerable zlib and bzip2 libraries. QBga32.DLL, which is a wrapper of BGA32.DLL, is also affected. KONDOU, Kazuhiro reported this vulnerability to IPA. JPCERT/CC coordinated with the developers under Information Security Early Warning Partnership.