Project

General

Profile

Bug #9667

cabextract: Buffer overflow (CVE-2018-18584)

Added by Alicha CH 6 months ago. Updated 6 months ago.

Status:
Closed
Priority:
Normal
Category:
Security
Target version:
-
Start date:
11/21/2018
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:
CVE-2018-18584

Description

cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block,
leading to an out-of-bounds write.

Fixed In Version:

cabextract 1.8

References:

https://www.cabextract.org.uk
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18584
https://www.openwall.com/lists/oss-security/2018/10/22/1


Subtasks

Bug #9668: [3.9] cabextract: Buffer overflow (CVE-2018-18584)ClosedLeonardo Arena

Bug #9669: [3.8] cabextract: Buffer overflow (CVE-2018-18584)ClosedLeonardo Arena

Bug #9670: [3.7] cabextract: Buffer overflow (CVE-2018-18584)ClosedLeonardo Arena

Bug #9671: [3.6] cabextract: Buffer overflow (CVE-2018-18584)ClosedLeonardo Arena

History

#1 Updated by Alicha CH 6 months ago

  • Subject changed from cabextract: Buffer overflow (CVE-2018-18584 to cabextract: Buffer overflow (CVE-2018-18584)

#2 Updated by Alicha CH 6 months ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from New to Closed

Also available in: Atom PDF