CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Veracode•added 2019/08/08 12:7 a.m.•27 views

Improper NULL Byte Parsing

libmspack parses NULL bytes in an insecure manner. The chmdreadheaders function in mspack/chmd.c accepts filenames that has \0 as its first or second character. This could allow attackers to bypass input validations or authorization controls...

4.3CVSS4.7AI score0.01307EPSS

Exploits1References15Affected Software1

OSV•added 2018/10/23 2:29 a.m.•30 views

CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

4.3CVSS3.1AI score

Exploits0References10

NVD•added 2018/10/23 2:29 a.m.•13 views

CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

4.3CVSS5.2AI score0.01307EPSS

Exploits1References10

Debian CVE•added 2018/10/23 12:0 a.m.•27 views

CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

4.3CVSS6.3AI score0.01307EPSS

Exploits1

AlpineLinux•added 2018/10/23 12:0 a.m.•25 views

CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

4.3CVSS5.7AI score0.01307EPSS

Exploits1