CVE-2018-3933

Опубликовано: 11 июл. 2018

Источник: nvd

CVSS3: 8.8

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the vbputanld method.

Ссылки

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0600
Exploit
Technical Description
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0600
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:antennahouse:office_server_document_converter:6.1:mr2:*:*:pro:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00773

Низкий

8.8 High

CVSS3

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-w29r-974p-f67j

CVSS3: 7.8

github

больше 3 лет назад

EPSS

Процентиль: 73%

0.00773

Низкий

8.8 High

CVSS3

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787