Описание
In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the vbgetfp method.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:mr2:*:*:pro:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01123
Низкий
8.8 High
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `vbgetfp` method.
EPSS
Процентиль: 78%
0.01123
Низкий
8.8 High
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-787