Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-18585

Опубликовано: 23 окт. 2018
Источник: debian

Описание

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libmspackfixed0.8-1package
libmspackfixed0.5-1+deb9u3stretchpackage

Примечания

  • https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4f

  • https://www.openwall.com/lists/oss-security/2018/10/22/1

Связанные уязвимости

ubuntu логотип

CVE-2018-18585

CVSS3: 4.3
ubuntu
больше 7 лет назад

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

redhat логотип

CVE-2018-18585

CVSS3: 3.3
redhat
больше 7 лет назад

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

nvd логотип

CVE-2018-18585

CVSS3: 4.3
nvd
больше 7 лет назад

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

github логотип

GHSA-wfp6-c53g-9x25

CVSS3: 4.3
github
больше 3 лет назад

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

suse-cvrf логотип

SUSE-SU-2019:13992-1

suse-cvrf
почти 7 лет назад

Security update for libmspack