{"id":"UBUNTU-CVE-2018-1000101","details":"Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)-\u003e(v)snprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage, worst case: network.","modified":"2026-05-20T16:06:08.447600885Z","published":"2018-03-06T17:29:00Z","upstream":["CVE-2018-1000101"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-1000101"},{"type":"REPORT","url":"https://sourceforge.net/p/mingw-w64/bugs/709/"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2018-1000101"}],"affected":[{"package":{"name":"mingw-w64","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/mingw-w64?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0~svn5915-1","3.0.0-3","3.1.0-1"],"ecosystem_specific":{"binaries":[{"binary_version":"3.1.0-1","binary_name":"mingw-w64"},{"binary_name":"mingw-w64-common","binary_version":"3.1.0-1"},{"binary_version":"3.1.0-1","binary_name":"mingw-w64-tools"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1000101.json"}},{"package":{"name":"mingw-w64","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/mingw-w64?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.0.2-4","4.0.4-1","4.0.4-2"],"ecosystem_specific":{"binaries":[{"binary_version":"4.0.4-2","binary_name":"mingw-w64"},{"binary_name":"mingw-w64-common","binary_version":"4.0.4-2"},{"binary_name":"mingw-w64-tools","binary_version":"4.0.4-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1000101.json"}},{"package":{"name":"mingw-w64","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/mingw-w64?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.0.2-2","5.0.3-1"],"ecosystem_specific":{"binaries":[{"binary_name":"mingw-w64","binary_version":"5.0.3-1"},{"binary_name":"mingw-w64-common","binary_version":"5.0.3-1"},{"binary_name":"mingw-w64-tools","binary_version":"5.0.3-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1000101.json"}},{"package":{"name":"mingw-w64","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/mingw-w64?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.0.0-3","6.0.0-4","7.0.0-2"],"ecosystem_specific":{"binaries":[{"binary_version":"7.0.0-2","binary_name":"mingw-w64"},{"binary_name":"mingw-w64-common","binary_version":"7.0.0-2"},{"binary_version":"7.0.0-2","binary_name":"mingw-w64-tools"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1000101.json"}},{"package":{"name":"mingw-w64","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/mingw-w64?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["8.0.0-1"],"ecosystem_specific":{"binaries":[{"binary_version":"8.0.0-1","binary_name":"mingw-w64"},{"binary_version":"8.0.0-1","binary_name":"mingw-w64-common"},{"binary_version":"8.0.0-1","binary_name":"mingw-w64-tools"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1000101.json"}},{"package":{"name":"mingw-w64","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/mingw-w64?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["11.0.1-2","11.0.1-3","11.0.1-3build1"],"ecosystem_specific":{"binaries":[{"binary_name":"mingw-w64","binary_version":"11.0.1-3build1"},{"binary_version":"11.0.1-3build1","binary_name":"mingw-w64-common"},{"binary_version":"11.0.1-3build1","binary_name":"mingw-w64-tools"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1000101.json"}},{"package":{"name":"mingw-w64","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/mingw-w64?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["12.0.0-3"],"ecosystem_specific":{"binaries":[{"binary_name":"mingw-w64","binary_version":"12.0.0-3"},{"binary_version":"12.0.0-3","binary_name":"mingw-w64-common"},{"binary_version":"12.0.0-3","binary_name":"mingw-w64-tools"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1000101.json"}},{"package":{"name":"mingw-w64","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/mingw-w64?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["12.0.0-3","13.0.0-1+bootstrap2","13.0.0-2ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"13.0.0-2ubuntu1","binary_name":"mingw-w64"},{"binary_version":"13.0.0-2ubuntu1","binary_name":"mingw-w64-common"},{"binary_version":"13.0.0-2ubuntu1","binary_name":"mingw-w64-tools"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1000101.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}