Jump to:

CVE-2018-5345

Jump to:

CVE-2018-5345

Package gcab updated to version 1.0-alt1 for branch sisyphus in task 198448.

Published: 2018-01-12
Modified: 2024-11-21

CVE-2018-5345

A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

RHSA-2018:0350
RHSA-2018:0350
https://bugzilla.redhat.com/show_bug.cgi?id=1527296
https://bugzilla.redhat.com/show_bug.cgi?id=1527296
USN-3546-1
USN-3546-1
DSA-4095
DSA-4095

Version: 2.1.0

Package gcab update in sisyphus on 2018-01-23

ALT-PU-2018-1069-1

Closed vulnerabilities

CVE-2018-5345