3 matches found
CVE-2022-29886
An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2022-29886
ESTsoft Alyac 2.5.8.544 is affected by CVE-2022-29886 due to an integer overflow when parsing OLE files, causing a heap-based buffer overflow that can lead to arbitrary code execution. TALOS confirms the vulnerability occurs when processing the OLE header’s Number of Mini FAT sectors; an overflow...
ESTsoft Alyac OLE header Mini FAT sectors integer overflow
Talos Vulnerability Report TALOS-2022-1533 ESTsoft Alyac OLE header Mini FAT sectors integer overflow August 3, 2022 CVE Number CVE-2022-29886 SUMMARY An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buff...