Vulnerability Details CVE-2018-18586
chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.6%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- https://bugs.debian.org/911639
- https://github.com/kyz/libmspack/commit/7cadd489698be117c47efcadd742651594429e6d
- https://security.gentoo.org/glsa/201903-20
- https://www.openwall.com/lists/oss-security/2018/10/22/1
- https://bugs.debian.org/911639
- https://github.com/kyz/libmspack/commit/7cadd489698be117c47efcadd742651594429e6d
- https://security.gentoo.org/glsa/201903-20
- https://www.openwall.com/lists/oss-security/2018/10/22/1
Products affected by CVE-2018-18586
-
cpe:2.3:a:kyzer:libmspack:0.3
-
cpe:2.3:a:kyzer:libmspack:0.4
-
cpe:2.3:a:kyzer:libmspack:0.5
-
cpe:2.3:a:kyzer:libmspack:0.6
-
cpe:2.3:a:kyzer:libmspack:0.7