EUVD-2019-14648

Malware in sbrugna...

CVE-2019-5041

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file t...

CVE-2024-32146

Missing Authorization vulnerability in Aspose.Cloud Marketplace Aspose.Words Exporter.This issue affects Aspose.Words Exporter: from n/a through 6.3.1...

CVE-2024-32146

CVE-2024-32146 corresponds to a Missing Authorization vulnerability in the Aspose.Words Exporter (Aspose.Cloud Marketplace) for WordPress. Affected product: Aspose.Words Exporter

CVE-2024-32146 WordPress Aspose.Words – Import and Export word documents plugin <= 6.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aspose.Cloud Marketplace Aspose.Words Exporter.This issue affects Aspose.Words Exporter: from n/a through 6.3.1...

CVE-2024-32146 WordPress Aspose.Words – Import and Export word documents plugin <= 6.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aspose.Cloud Marketplace Aspose.Words Exporter.This issue affects Aspose.Words Exporter: from n/a through 6.3.1...

Aspose.Words Exporter <= 6.3.1 - Missing Authorization

Description The Aspose.Words – Import and Export word documents plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 6.3.1. This makes it possible for authenticated attackers, with subscriber-level access a...

WordPress Aspose.Words Exporter Plugin <= 6.3.1 is vulnerable to Broken Access Control

Software Aspose.Words Exporter Type Plugin Vulnerable versions = 6.3.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32146 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 11984c3d7834 Credits Abdi Pranata Required...

Remote Code Execution

aspose.words is vulnerable to remote code execution. A stack-based buffer overflow in EnumMetaInfo function allows an attacker to execute arbitrary code via a malicious file...

CVE-2019-5041

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file t...

Stack overflow

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file t...

CVE-2019-5041

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file t...

CVE-2019-5041

CVE-2019-5041 affects Aspose.Words for C++ 18.11.0.0. A stack-based buffer overflow in EnumMetaInfo can be triggered by processing a crafted DOC file, causing remote code execution. Public TALOS advisory TALOS-2019-0805 documents the vulnerability in Aspose.Words for C++ 18.11.0.0, with CVSS v3.0...

Aspose Aspose.Words for C++ EnumMetaInfo Code Execution Vulnerability

Summary An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words for C++, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malforme...

WordPress Aspose.Words Exporter plugin 1.0 - Arbitrary File Download

WordPress Aspose.Words Exporter plugin is prone to an arbitrary file download vulnerability. It allows an attacker to download arbitrary files from the web server and get potentially sensitive information. Solution Update the plugin...

Aspose.Words Exporter < 2.0 - Unauthenticated Arbitrary File Download

The Aspose.Words Exporter WordPress plugin was affected by an Arbitrary File Download security vulnerability. The asposedocexporterdownload.php file of the plugin does not restrict access, check permission or validate the file parameter, allowing unauthenticated user to download any file from the...

Aspose.Words Exporter < 2.0 - Unauthenticated Arbitrary File Download

The Aspose.Words Exporter WordPress plugin was affected by an Arbitrary File Download security vulnerability. The asposedocexporterdownload.php file of the plugin does not restrict access, check permission or validate the file parameter, allowing unauthenticated user to download any file from the...