An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 03:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.openwall.com/lists/oss-security/2018/07/26/1 - Mailing List, Third Party Advisory | |
References | () http://www.securitytracker.com/id/1041410 - Third Party Advisory, VDB Entry | |
References | () https://access.redhat.com/errata/RHSA-2018:3327 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:3505 - Third Party Advisory | |
References | () https://bugs.debian.org/904801 - Issue Tracking, Mailing List, Patch, Third Party Advisory | |
References | () https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a - Patch, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2018/08/msg00007.html - Mailing List, Third Party Advisory | |
References | () https://security.gentoo.org/glsa/201903-20 - Third Party Advisory | |
References | () https://usn.ubuntu.com/3728-1/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3728-2/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3728-3/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3789-2/ - Third Party Advisory | |
References | () https://www.debian.org/security/2018/dsa-4260 - Third Party Advisory |
Information
Published : 2018-07-28 23:29
Updated : 2024-11-21 03:49
NVD link : CVE-2018-14680
Mitre link : CVE-2018-14680
CVE.ORG link : CVE-2018-14680
JSON object : View
Products Affected
cabextract_project
- cabextract
debian
- debian_linux
cabextract
- libmspack
canonical
- ubuntu_linux
redhat
- enterprise_linux_workstation
- enterprise_linux_desktop
- ansible_tower
- enterprise_linux_server
CWE
CWE-20
Improper Input Validation