CVE-2018-10858

Summary

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Affected Software

VendorProductVersion RangeStatus
The Samba Teamsamba4.6.16affected
The Samba Teamsamba4.7.9affected
The Samba Teamsamba4.8.4affected

Weaknesses

  • CWE-20: CWE-20

ADP Enrichment

CVE Program Container

Additional References

References