CVE-2018-11434

Name of the Vulnerable Software and Affected Versions Libmobi version 0.3

Description The issue allows remote attackers to cause information disclosure through a heap-based buffer over-read via a crafted mobi file. This is due to a problem in the buffer fill64 function in compression.c.

Recommendations For Libmobi version 0.3, consider updating to a newer version that addresses this issue, as the current version allows for information disclosure through crafted mobi files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.