Lucene search
K

62 matches found

Prion
Prion
added 2018/06/19 9:29 p.m.13 views

Heap overflow

DISPUTED The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

1.9CVSS5.4AI score0.00596EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2018/06/19 9:29 p.m.25 views

CVE-2018-12098

The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

5.5CVSS6.3AI score0.00596EPSS
Exploits0References2
OSV
OSV
added 2018/06/19 9:29 p.m.8 views

CVE-2018-12098

The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

5.5CVSS5.5AI score
Exploits0References1
OSV
OSV
added 2018/06/19 9:29 p.m.6 views

CVE-2018-12097

The liblnklocationinformationreaddata function in liblnklocationinformation.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on...

5.5CVSS5.5AI score
Exploits0References1
OSV
OSV
added 2018/06/19 9:29 p.m.8 views

CVE-2018-12096

The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

5.5CVSS5.4AI score
Exploits0References1
OSV
OSV
added 2018/06/19 9:29 p.m.3 views

UBUNTU-CVE-2018-12097

The liblnklocationinformationreaddata function in liblnklocationinformation.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on...

5.5CVSS6AI score0.00596EPSS
Exploits0References3
OSV
OSV
added 2018/06/19 9:29 p.m.4 views

DEBIAN-CVE-2018-12096

The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

5.5CVSS5.1AI score0.00596EPSS
Exploits0References1
OSV
OSV
added 2018/06/19 9:29 p.m.3 views

DEBIAN-CVE-2018-12097

The liblnklocationinformationreaddata function in liblnklocationinformation.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on...

5.5CVSS5.2AI score0.00596EPSS
Exploits0References1
OSV
OSV
added 2018/06/19 9:29 p.m.16 views

UBUNTU-CVE-2018-12096

The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

5.5CVSS6.2AI score0.00596EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/06/19 9:0 p.m.13 views

CVE-2018-12096

The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

6.7AI score0.00596EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/19 9:0 p.m.17 views

CVE-2018-12098

The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

5.4AI score0.00596EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/19 9:0 p.m.22 views

CVE-2018-12096

The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

5.4AI score0.00596EPSS
Exploits0References1
CVE
CVE
added 2018/06/19 9:0 p.m.51 views

CVE-2018-12098

The vulnerability CVE-2018-12098 affects liblnk up to 2018-04-19, caused by the liblnk_data_block_read() function in liblnk_data_block.c, leading to a heap-based buffer over-read via a crafted .lnk file. Exploitation details are not fully disclosed in the provided documents; vendor dispute is not...

5.5CVSS5.4AI score0.00596EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/06/19 9:0 p.m.48 views

CVE-2018-12097

The CVE affects the liblnk library: the function liblnk_location_information_read_data in liblnk_location_information.c (liblnk up to 2018-04-19) allows an attacker to cause information disclosure via a crafted .lnk file. The vulnerability is a heap-based buffer over-read. Vendors dispute the cla...

5.5CVSS5.4AI score0.00596EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/06/19 9:0 p.m.46 views

CVE-2018-12096

The vulnerability CVE-2018-12096 affects liblnk (liblnk_data_string.c: liblnk_data_string_get_utf8_string_size) where a crafted .lnk file may cause heap-based buffer over-read leading to information disclosure. The vendor disputes this issue (libyal/liblnlk issue 33 on GitHub). The connected reco...

5.5CVSS5.4AI score0.00596EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2018/06/19 9:0 p.m.17 views

CVE-2018-12098

The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

5.5CVSS5.4AI score0.00596EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/06/19 9:0 p.m.12 views

CVE-2018-12096

The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

5.5CVSS5.4AI score0.00596EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2018/06/19 12:0 a.m.4 views

PT-2018-11011 · Libyal · Liblnk

Name of the Vulnerable Software and Affected Versions: liblnk versions through 2018-04-19 Description: The issue allows remote attackers to cause an information disclosure via a crafted lnk file. This is due to a heap-based buffer over-read in the liblnk data block read function in liblnk data...

5.5CVSS5.7AI score0.00596EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2018/06/19 12:0 a.m.7 views

PT-2018-11009 · Libyal · Liblnk

Name of the Vulnerable Software and Affected Versions: liblnk versions through 2018-04-19 Description: The issue is related to the liblnk data string get utf8 string size function in liblnk data string.c, which allows remote attackers to cause an information disclosure via a crafted lnk file. Thi...

5.5CVSS5.7AI score0.00596EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2018/06/19 12:0 a.m.5 views

PT-2018-11010 · Libyal · Liblnk

Name of the Vulnerable Software and Affected Versions: liblnk versions through 2018-04-19 Description: The issue allows remote attackers to cause an information disclosure via a crafted lnk file. This is due to a heap-based buffer over-read in the liblnk location information read data function in...

5.5CVSS5.6AI score0.00596EPSS
Exploits0References8
Rows per page
Query Builder