CVE-2018-16982

Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffset values via a crafted .ocd file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
Affected Products (NVD)
VendorProductVersion
byvoidopen_chinese_convert
1.0.5
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
opencc
bionic
needed
cosmic
ignored
disco
ignored
eoan
ignored
focal
needed
groovy
ignored
hirsute
ignored
impish
ignored
jammy
needed
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needed
trusty
dne
xenial
needed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libopencc2
suse enterprise desktop 15 SP5
1.0.5-150000.5.3.1
fixed
suse enterprise sap 12 SP5
1.0.3-5.3.1
fixed
suse enterprise sap 15 SP5
1.0.5-150000.5.3.1
fixed
suse enterprise server 12 SP3
1.0.3-5.3.1
fixed
suse enterprise server 12 SP5
1.0.3-5.3.1
fixed
suse enterprise server 15 SP4
1.0.5-150000.5.3.1
fixed
suse enterprise server 15 SP5
1.0.5-150000.5.3.1
fixed
opencc
suse enterprise desktop 15 SP5
1.0.5-150000.5.3.1
fixed
suse enterprise sap 12 SP5
1.0.3-5.3.1
fixed
suse enterprise sap 15 SP5
1.0.5-150000.5.3.1
fixed
suse enterprise server 12 SP3
1.0.3-5.3.1
fixed
suse enterprise server 12 SP5
1.0.3-5.3.1
fixed
suse enterprise server 15 SP4
1.0.5-150000.5.3.1
fixed
suse enterprise server 15 SP5
1.0.5-150000.5.3.1
fixed
opencc-data
suse enterprise desktop 15 SP5
1.0.5-150000.5.3.1
fixed
suse enterprise sap 12 SP5
1.0.3-5.3.1
fixed
suse enterprise sap 15 SP5
1.0.5-150000.5.3.1
fixed
suse enterprise server 12 SP3
1.0.3-5.3.1
fixed
suse enterprise server 12 SP5
1.0.3-5.3.1
fixed
suse enterprise server 15 SP4
1.0.5-150000.5.3.1
fixed
suse enterprise server 15 SP5
1.0.5-150000.5.3.1
fixed
opencc-devel
suse enterprise desktop 15 SP5
1.0.5-150000.5.3.1
fixed
suse enterprise sap 15 SP5
1.0.5-150000.5.3.1
fixed
suse enterprise server 15 SP4
1.0.5-150000.5.3.1
fixed
suse enterprise server 15 SP5
1.0.5-150000.5.3.1
fixed
Common Weakness Enumeration
References
https://github.com/BYVoid/OpenCC/issues/303
https://github.com/BYVoid/OpenCC/issues/303