CVE-2018-11737
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
Se ha descubierto un problema en libtskfs.a en The Sleuth Kit (TSK), desde la versión 4.0.2 hasta la 4.6.1. Se ha encontrado una lectura fuera de límites de una región de memoria en la función ntfs_fix_idxrec en tsk/fs/ntfs_dent.cpp que podría ser aprovechada por un atacante para revelar información o manipulada para ser leída desde la memoria no mapeada, lo que provocaría una denegación de servicio (DoS).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-06-05 CVE Reserved
- 2018-06-05 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- 2024-09-17 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/sleuthkit/sleuthkit/issues/1266 | 2024-09-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sleuthkit Search vendor "Sleuthkit" | The Sleuth Kit Search vendor "Sleuthkit" for product "The Sleuth Kit" | >= 4.0.2 <= 4.6.1 Search vendor "Sleuthkit" for product "The Sleuth Kit" and version " >= 4.0.2 <= 4.6.1" | - |
Affected
| ||||||