Max CVSS 5.0 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-18584 4.3
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
12-05-2021 - 20:52 23-10-2018 - 02:29
CVE-2018-18585 4.3
chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).
06-08-2019 - 17:15 23-10-2018 - 02:29
CVE-2018-18586 5.0
** DISPUTED ** chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a l
03-04-2019 - 12:32 23-10-2018 - 02:29
Back to Top Mark selected
Back to Top