Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-18586

Опубликовано: 23 окт. 2018
Источник: ubuntu
Приоритет: negligible
EPSS Низкий
CVSS2: 5
CVSS3: 5.3

Описание

chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application

РелизСтатусПримечание
bionic

not-affected

uses system libmspack
cosmic

not-affected

uses system libmspack
devel

not-affected

uses system libmspack
esm-infra-legacy/trusty

not-affected

code not compiled
esm-infra/bionic

not-affected

uses system libmspack
esm-infra/xenial

not-affected

uses system libmspack
precise/esm

not-affected

code not compiled
trusty

not-affected

code not compiled
trusty/esm

not-affected

code not compiled
upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not compiled
cosmic

not-affected

code not compiled
devel

not-affected

code not compiled
esm-infra-legacy/trusty

not-affected

code not compiled
esm-infra/bionic

not-affected

code not compiled
esm-infra/xenial

not-affected

code not compiled
precise/esm

DNE

trusty

not-affected

code not compiled
trusty/esm

not-affected

code not compiled
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 66%
0.00515
Низкий

5 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-18586

CVSS3: 5.3
redhat
больше 7 лет назад

chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application

nvd логотип

CVE-2018-18586

CVSS3: 5.3
nvd
больше 7 лет назад

chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application

debian логотип

CVE-2018-18586

CVSS3: 5.3
debian
больше 7 лет назад

chmextract.c in the chmextract sample program, as distributed with lib ...

suse-cvrf логотип

openSUSE-SU-2022:0069-2

suse-cvrf
почти 4 года назад

Security update for libmspack

suse-cvrf логотип

openSUSE-SU-2022:0069-1

suse-cvrf
около 4 лет назад

Security update for libmspack

EPSS

Процентиль: 66%
0.00515
Низкий

5 Medium

CVSS2

5.3 Medium

CVSS3