CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-11434

The buffer_fill64 function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.9%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

http://seclists.org/fulldisclosure/2018/May/48
http://seclists.org/fulldisclosure/2018/May/48

Products affected by CVE-2018-11434

Libmobi Project » Libmobi » Version: 0.3

cpe:2.3:a:libmobi_project:libmobi:0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-11434

Products

Pricing

Contact Us