CVE-2018-18584 - In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer i

CVE-2018-18584

Summary

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

References

Vulnerable Configurations

cpe:2.3:a:libmspack_project:libmspack:0.5:alpha:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.5:alpha:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.1:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.1:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.2:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.2:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.3:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.3:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.4:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.4:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.5:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.5:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.6:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.6:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.2:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.2:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.3:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.3:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.4:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.4:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.5:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.5:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.6:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.6:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.7:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.7:*:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.4:alpha:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.4:alpha:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.3:alpha:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.3:alpha:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.6:alpha:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.6:alpha:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.7:alpha:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.7:alpha:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.7.1:alpha:*:*:*:*:*:*
cpe:2.3:a:libmspack_project:libmspack:0.7.1:alpha:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:ga:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:ga:*:*:ltss:*:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:-:*:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:-:*:*:*:*:vsphere:*:*

CVSS

Base:	4.3 (as of 25-10-2022 - 16:49)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

redhat via4

advisories

rhsa

id	RHSA-2019:2049

rpms

libmspack-0:0.5-0.7.alpha.el7
libmspack-debuginfo-0:0.5-0.7.alpha.el7
libmspack-devel-0:0.5-0.7.alpha.el7

refmap via4

gentoo	GLSA-201903-20
misc	https://bugs.debian.org/911640 https://github.com/kyz/libmspack/commit/40ef1b4093d77ad3a5cfcee1f5cb6108b3a3bcc2 https://www.cabextract.org.uk/#changes https://www.openwall.com/lists/oss-security/2018/10/22/1
mlist	[debian-lts-announce] 20181026 [SECURITY] [DLA 1555-1] libmspack security update
ubuntu	USN-3814-1 USN-3814-2 USN-3814-3

Last major update

25-10-2022 - 16:49

Published

23-10-2018 - 02:29

Last modified

25-10-2022 - 16:49