Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-5041

Опубликовано: 21 авг. 2019
Источник: nvd
CVSS3: 9.8
CVSS3: 8.8
CVSS2: 6.8
EPSS Низкий

Описание

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:aspose:aspose.words:18.11.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 84%
0.02118
Низкий

9.8 Critical

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-121
CWE-787

Связанные уязвимости

github логотип

GHSA-q4jc-m3mv-qhjx

CVSS3: 8.8
github
больше 3 лет назад

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger this vulnerability.

EPSS

Процентиль: 84%
0.02118
Низкий

9.8 Critical

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-121
CWE-787