The liblnk_data_block_read function in liblnk_data_block.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2018/Jun/33 | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2018/Jun/33 | Mailing List Third Party Advisory |
Configurations
History
21 Nov 2024, 03:44
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2018/Jun/33 - Mailing List, Third Party Advisory |
07 Nov 2023, 02:52
Type | Values Removed | Values Added |
---|---|---|
Summary | The liblnk_data_block_read function in liblnk_data_block.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub |
Information
Published : 2018-06-19 21:29
Updated : 2024-11-21 03:44
NVD link : CVE-2018-12098
Mitre link : CVE-2018-12098
CVE.ORG link : CVE-2018-12098
JSON object : View
Products Affected
liblnk_project
- liblnk