2 matches found
CVE-2018-12098
The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
CVE-2018-12098
The vulnerability CVE-2018-12098 affects liblnk up to 2018-04-19, caused by the liblnk_data_block_read() function in liblnk_data_block.c, leading to a heap-based buffer over-read via a crafted .lnk file. Exploitation details are not fully disclosed in the provided documents; vendor dispute is not...