CVE-2018-18586

Name
CVE-2018-18586
Description
chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application.
NVD Severity
unknown

References

| Type | URI |
| --- | --- |
| Mailing List | https://www.openwall.com/lists/oss-security/2018/10/22/1 |
| Exploit | https://github.com/kyz/libmspack/commit/7cadd489698be117c47efcadd742651594429e6d |
| Mailing List | https://bugs.debian.org/911639 |
| Third Party Advisory | https://security.gentoo.org/glsa/201903-20 |

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| cpe:2.3:a:kyzer:libmspack:0.3:alpha:*:*:*:*:*:* | libmspack | == None | == 0.3 |
| cpe:2.3:a:kyzer:libmspack:0.7:alpha:*:*:*:*:*:* | libmspack | == None | == 0.7 |
| cpe:2.3:a:kyzer:libmspack:0.6:alpha:*:*:*:*:*:* | libmspack | == None | == 0.6 |
| cpe:2.3:a:kyzer:libmspack:0.5:alpha:*:*:*:*:*:* | libmspack | == None | == 0.5 |
| cpe:2.3:a:kyzer:libmspack:0.4:alpha:*:*:*:*:*:* | libmspack | == None | == 0.4 |

Vulnerable and fixed packages

Source package Branch Version Maintainer Status