CVE-2018-17043

Опубликовано: 14 сент. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

An issue has been found in doc2txt through 2014-03-19. It is a heap-based buffer overflow in the function Storage::init in Storage.cpp, called from parse_doc in parse_doc.cpp.

Ссылки

https://github.com/grandnew/software-vulnerabilities/tree/master/doc2txt#heap-buffer-overflow-in-function-storageinit
Exploit
Third Party Advisory
https://github.com/tsfn/doc2txt/issues/1
Exploit
Third Party Advisory
https://github.com/grandnew/software-vulnerabilities/tree/master/doc2txt#heap-buffer-overflow-in-function-storageinit
Exploit
Third Party Advisory
https://github.com/tsfn/doc2txt/issues/1
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:doc2txt_project:doc2txt:*:*:*:*:*:*:*:*

Версия до 2014-03-19 (включая)

EPSS

Процентиль: 44%

0.00213

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-c6w7-8r2g-xvc5