Buffer Overflow in Bitdefender Engines Affects User Experience
CVE-2018-18059

5.3MEDIUM

Key Information:

Vendor: Bitdefender
Status: Scan Engines
Vendor: CVE Published:; 24 May 2019

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2018-18059?

A vulnerability exists in the rar.xmd parser of Bitdefender Engines prior to version 7.76675 due to insufficient validation of user-supplied data. This oversight can lead to a read past the end of an allocated buffer. Although user interaction is required to exploit this vulnerability—such as visiting a compromised website or opening a malicious file—it poses risks that could potentially result in a denial-of-service condition when combined with other vulnerabilities.

References

https://www.bitdefender.com/

x_refsource_MISC

https://www.bitdefender.com/support/security-advisories/b...

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 24, 2019
Vulnerability Reserved
Oct 8, 2018