Vulnerabilities > CVE-2018-11438 - Out-of-bounds Write vulnerability in Libmobi Project Libmobi 0.3

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
libmobi-project
CWE-787
NVD
Published: 2018-05-30
Updated: 2024-11-21

Summary

The mobi_decompress_lz77 function in compression.c in Libmobi 0.3 allows remote attackers to cause remote code execution (heap-based buffer overflow) via a crafted mobi file.

Vulnerable Configurations

Part Description Count
Application
Libmobi_Project
1

Common Weakness Enumeration (CWE)

References