CVE-2018-11740
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.
Se ha descubierto un problema en libtskbase.a en The Sleuth Kit (TSK), desde la versión 4.0.2 hasta la 4.6.1. Se ha encontrado una lectura fuera de límites de una región de memoria en la función tsk_UTF16toUTF8 en tsk/base/tsk_unicode.c que podría ser aprovechada por un atacante para revelar información o manipulada para ser leída desde la memoria no mapeada, lo que provocaría una denegación de servicio (DoS).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-06-05 CVE Reserved
- 2018-06-05 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- 2024-09-17 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/sleuthkit/sleuthkit/issues/1264 | 2024-09-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sleuthkit Search vendor "Sleuthkit" | The Sleuth Kit Search vendor "Sleuthkit" for product "The Sleuth Kit" | >= 4.0.2 <= 4.6.1 Search vendor "Sleuthkit" for product "The Sleuth Kit" and version " >= 4.0.2 <= 4.6.1" | - |
Affected
| ||||||