exploitDog

GHSA-65q3-5qv3-95wr

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.6

Описание

An exploitable heap corruption vulnerability exists in the Txo functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigger this vulnerability.

An exploitable heap corruption vulnerability exists in the Txo functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigger this vulnerability.

Ссылки

EPSS

Процентиль: 65%

0.00492

Низкий

8.6 High

CVSS3

CVE ID

Дефекты

CWE-119

Связанные уязвимости

CVE-2017-2795

CVSS3: 8.3

nvd

больше 7 лет назад

An exploitable heap corruption vulnerability exists in the Txo functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigger this vulnerability.

EPSS

Процентиль: 65%

0.00492

Низкий

8.6 High

CVSS3

CVE ID

Дефекты

CWE-119