Skip to main content

Libdoc

4 CVEs product

Monthly

CVE-2019-7233 HIGH POC This Week

In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libdoc
NVD GitHub
CVSS 3.0
8.8
EPSS
1.5%
CVE-2019-7156 MEDIUM POC This Month

In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libdoc
NVD GitHub
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-20453 MEDIUM POC This Month

The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Libdoc
NVD GitHub
CVSS 3.0
6.5
EPSS
0.9%
CVE-2018-20451 MEDIUM POC This Month

The process_file function in reader.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Libdoc
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
EPSS 1% CVSS 8.8
HIGH POC This Week

In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libdoc
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libdoc
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

The process_file function in reader.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy