CVE-2018-14681

Public on 2018-07-28

Modified on 2019-01-25

Description

An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.

Severity

Low

See what this means

CVSS v3 Base Score

4.4

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory	Status
Amazon Linux 1	clamav	2019-01-09	ALAS-2019-1146	Fixed
Amazon Linux 2 - Core	libmspack	2019-01-23	ALAS2-2019-1152	Fixed

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv3	4.4	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2018-14681 Mitre: CVE-2018-14681