CVE-2018-18586 — Path Traversal in Libmspack

CWE-22 — Path Traversal7 documents7 sources

Severity

5.3MEDIUMNVD

EPSS

0.5%

top 32.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libmspack Project Libmspack Kyzer Libmspack

Timeline

PublishedOct 23

Latest updateMay 14

Description

chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶Debianlibmspack_project/libmspack< 0.8-1+3

▶NVDkyzer/libmspack5 versions+4

🔴Vulnerability Details

GHSA

GHSA-jcvf-2rhc-m6h8: ** DISPUTED ** chmextract↗2022-05-14

▶

OSV

CVE-2018-18586: chmextract↗2018-10-23

▶

CVEList

CVE-2018-18586: chmextract↗2018-10-23

▶

📋Vendor Advisories

Red Hat

libmspack: Directory traversal in chmextract.c↗2018-10-17

▶

Debian

CVE-2018-18586: libmspack - chmextract.c in the chmextract sample program, as distributed with libmspack bef...↗2018

▶

💬Community

Bugzilla

CVE-2018-18586 libmspack: Directory traversal in chmextract.c↗2018-10-30

▶