CVE-2018-18585

Published: Oct 23, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

USN-3814-3

vendor-advisory

USN-3814-1

vendor-advisory

USN-3814-2

vendor-advisory

https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4f

https://www.openwall.com/lists/oss-security/2018/10/22/1

[debian-lts-announce] 20181026 [SECURITY] [DLA 1555-1] libmspack security update

mailing-list

https://bugs.debian.org/911637

GLSA-201903-20

vendor-advisory

RHSA-2019:2049

vendor-advisory

https://www.starwindsoftware.com/security/sw-20181213-0002/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-18585

Description

Affected Products

References