CVE-2018-14043

Name of the Vulnerable Software and Affected Versions mstdlib version 1.2.0

Description The issue is related to incorrect file access control in mstdlib, specifically when the function attempts to delete an existing file without public read/write access during a copy operation. This is tied to the files fs/m fs.c and fs/m fs path.c. An attacker could potentially create such a file and gain access to the data.

Recommendations For version 1.2.0, consider restricting access to the M fs perms can access function until a patch is available, or apply configuration changes to limit file access control issues. At the moment, there is no information about a newer version that contains a fix for this vulnerability.