CVE-2018-11738
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
Se ha descubierto un problema en libtskfs.a en The Sleuth Kit (TSK), desde la versión 4.0.2 hasta la 4.6.1. Se ha encontrado una lectura fuera de límites de una región de memoria en la función ntfs_make_data_run en tsk/fs/ntfs.c que podría ser aprovechada por un atacante para revelar información o manipulada para ser leída desde la memoria no mapeada, lo que provocaría una denegación de servicio (DoS).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-06-05 CVE Reserved
- 2018-06-05 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/sleuthkit/sleuthkit/issues/1265 | 2024-09-16 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sleuthkit Search vendor "Sleuthkit" | The Sleuth Kit Search vendor "Sleuthkit" for product "The Sleuth Kit" | >= 4.0.2 <= 4.6.1 Search vendor "Sleuthkit" for product "The Sleuth Kit" and version " >= 4.0.2 <= 4.6.1" | - |
Affected
| ||||||