Candidate: CVE-2018-11432
PublicDate: 2018-05-30 13:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11432
 https://seclists.org/fulldisclosure/2018/May/48
Description:
 The mobi_parse_mobiheader function in read.c in Libmobi 0.3 allows remote
 attackers to cause information disclosure (heap-based buffer over-read) via
 a crafted mobi file.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N [6.5 MEDIUM]


Patches_libmobi:
upstream_libmobi: needs-triage
trusty_libmobi: ignored (out of standard support)
xenial_libmobi: ignored (out of standard support)
jammy_libmobi: needs-triage
devel_libmobi: needs-triage