Liblouis vulnerabilities

2018-06-0600:00:00

ubuntu.com

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

0.004

Percentile

73.5%

JSON

Releases

Ubuntu 18.04 ESM
Ubuntu 17.10
Ubuntu 16.04 ESM
Ubuntu 14.04 ESM

Packages

liblouis - Braille translation library - utilities

Details

Henri Salo discovered that Liblouis incorrectly handled certain files.
An attacker could possibly use this to execute arbitrary code.
(CVE-2018-11683, CVE-2018-11684, CVE-2018-11685)

OSVersionArchitecturePackageVersionFilename
Ubuntu18.04noarchliblouis-bin< 3.5.0-1ubuntu0.2UNKNOWN
Ubuntu18.04noarchliblouis-bin-dbgsym< 3.5.0-1ubuntu0.2UNKNOWN
Ubuntu18.04noarchliblouis-data< 3.5.0-1ubuntu0.2UNKNOWN
Ubuntu18.04noarchliblouis-dev< 3.5.0-1ubuntu0.2UNKNOWN
Ubuntu18.04noarchliblouis14< 3.5.0-1ubuntu0.2UNKNOWN
Ubuntu18.04noarchliblouis14-dbgsym< 3.5.0-1ubuntu0.2UNKNOWN
Ubuntu18.04noarchpython-louis< 3.5.0-1ubuntu0.2UNKNOWN
Ubuntu18.04noarchpython3-louis< 3.5.0-1ubuntu0.2UNKNOWN
Ubuntu17.10noarchliblouis-bin< 3.0.0-3ubuntu1.2UNKNOWN
Ubuntu17.10noarchliblouis-bin-dbgsym< 3.0.0-3ubuntu1.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	18.04	noarch	liblouis-bin	< 3.5.0-1ubuntu0.2	UNKNOWN
Ubuntu	18.04	noarch	liblouis-bin-dbgsym	< 3.5.0-1ubuntu0.2	UNKNOWN
Ubuntu	18.04	noarch	liblouis-data	< 3.5.0-1ubuntu0.2	UNKNOWN
Ubuntu	18.04	noarch	liblouis-dev	< 3.5.0-1ubuntu0.2	UNKNOWN
Ubuntu	18.04	noarch	liblouis14	< 3.5.0-1ubuntu0.2	UNKNOWN
Ubuntu	18.04	noarch	liblouis14-dbgsym	< 3.5.0-1ubuntu0.2	UNKNOWN
Ubuntu	18.04	noarch	python-louis	< 3.5.0-1ubuntu0.2	UNKNOWN
Ubuntu	18.04	noarch	python3-louis	< 3.5.0-1ubuntu0.2	UNKNOWN
Ubuntu	17.10	noarch	liblouis-bin	< 3.0.0-3ubuntu1.2	UNKNOWN
Ubuntu	17.10	noarch	liblouis-bin-dbgsym	< 3.0.0-3ubuntu1.2	UNKNOWN