CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-18585

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.1%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.3

References

Products affected by CVE-2018-18585

Kyzer » Libmspack » Version: 0.3

cpe:2.3:a:kyzer:libmspack:0.3
Kyzer » Libmspack » Version: 0.4

cpe:2.3:a:kyzer:libmspack:0.4
Kyzer » Libmspack » Version: 0.5

cpe:2.3:a:kyzer:libmspack:0.5
Kyzer » Libmspack » Version: 0.6

cpe:2.3:a:kyzer:libmspack:0.6
Kyzer » Libmspack » Version: 0.7

cpe:2.3:a:kyzer:libmspack:0.7
Starwindsoftware » Starwind Virtual San » Version: N/A

cpe:2.3:a:starwindsoftware:starwind_virtual_san:-
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 16.04

cpe:2.3:o:canonical:ubuntu_linux:16.04
Canonical » Ubuntu Linux » Version: 18.04

cpe:2.3:o:canonical:ubuntu_linux:18.04
Canonical » Ubuntu Linux » Version: 18.10

cpe:2.3:o:canonical:ubuntu_linux:18.10
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Redhat » Enterprise Linux Desktop » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
Redhat » Enterprise Linux Server » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_server:7.0
Redhat » Enterprise Linux Workstation » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
Suse » Linux Enterprise Server » Version: 11

cpe:2.3:o:suse:linux_enterprise_server:11
Suse » Linux Enterprise Server » Version: 12

cpe:2.3:o:suse:linux_enterprise_server:12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-18585

Products

Pricing

Contact Us