Описание
A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.
Ссылки
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Mailing ListThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.9.13 (включая)
cpe:2.3:a:htmldoc_project:htmldoc:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04961
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 7.8
ubuntu
около 4 лет назад
A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.
CVSS3: 7.8
debian
около 4 лет назад
A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 ...
CVSS3: 7.8
github
около 4 лет назад
A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.
EPSS
Процентиль: 89%
0.04961
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-787