8 matches found
Heap overflow
The mobidecompresslz77 function in compression.c in Libmobi 0.3 allows remote attackers to cause remote code execution heap-based buffer overflow via a crafted mobi file...
CVE-2018-11438
The mobidecompresslz77 function in compression.c in Libmobi 0.3 allows remote attackers to cause remote code execution heap-based buffer overflow via a crafted mobi file...
CVE-2018-11434
The bufferfill64 function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted mobi file...
Heap overflow
The bufferfill64 function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted mobi file...
CVE-2018-11438
CVE-2018-11438 affects Libmobi 0.3. The vulnerability resides in mobi_decompress_lz77 (compression.c) and allows remote code execution via a crafted MOBI file, caused by a heap-based buffer overflow. Confirmed affected component is Libmobi 0.3; the issue is exploitable over the network through cr...
CVE-2018-11438
The mobidecompresslz77 function in compression.c in Libmobi 0.3 allows remote attackers to cause remote code execution heap-based buffer overflow via a crafted mobi file...
CVE-2018-11434
The bufferfill64 function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted mobi file...
CVE-2018-11435
The mobidecompresshuffmaninternal function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure read access violation via a crafted mobi file...