CVE-2018-18584
published 2018-10-23CVE-2018-18584: In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
Affected
29 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cabextract_project | cabextract | < 1.8 | 1.8 |
| cabextract_project | cabextract | >= 0 < 1.4-5 | 1.4-5 |
| cabextract_project | cabextract | >= 0 < 1.4-5 | 1.4-5 |
| cabextract_project | cabextract | >= 0 < 1.4-5 | 1.4-5 |
| cabextract_project | cabextract | >= 0 < 1.4-5 | 1.4-5 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| clamav | clamav | >= 0 < 0.100.2+dfsg-1ubuntu0.14.04.2 | 0.100.2+dfsg-1ubuntu0.14.04.2 |
| debian | cabextract | < cabextract 1.4-5 (bookworm) | cabextract 1.4-5 (bookworm) |
| debian | debian_linux | — | — |
| debian | libmspack | < cabextract 1.4-5 (bookworm) | cabextract 1.4-5 (bookworm) |
| libmspack_project | libmspack | — | — |
| libmspack_project | libmspack | — | — |
| libmspack_project | libmspack | — | — |
| libmspack_project | libmspack | — | — |
| libmspack_project | libmspack | — | — |
| libmspack_project | libmspack | — | — |
| libmspack_project | libmspack | >= 0 < 0.8-1 | 0.8-1 |
| libmspack_project | libmspack | >= 0 < 0.8-1 | 0.8-1 |
| libmspack_project | libmspack | >= 0 < 0.8-1 | 0.8-1 |
| libmspack_project | libmspack | >= 0 < 0.8-1 | 0.8-1 |
| libmspack_project | libmspack | >= 0 < 0.5-1ubuntu0.16.04.3 | 0.5-1ubuntu0.16.04.3 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM