Out-of-Bounds Write Vulnerability in mspack/cab.h

Out-of-Bounds Write Vulnerability in mspack/cab.h

CVE-2018-18584 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

Learn more about our Cis Benchmark Audit For Ibm I.