Mobipocket Reader is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted CHM file, a context-dependent attacker can potentially cause a denial of service or execute arbitrary code.
Local / Remote,
Loss of Integrity
OSVDB is not aware of a solution for this vulnerability.