Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2018-18398

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method.

  • Published: Oct 20, 2018
  • Updated: Apr 13, 2023
  • CVE: CVE-2018-18398
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.7
  • AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Low
  • Score: 1.9
  • AV:L/AC:M/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
xfce / thunar - 1.6.15
xfce / xfce - 4.12