EUVD-2024-54624

Malicious code in bioql PyPI...

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-52035

An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-52035

An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-54028

CVE-2024-54028 is a memory corruption vulnerability in catdoc 0.95, caused by an integer underflow in the OLE Document DIFAT Parser. A specially crafted file can trigger heap-based memory corruption. Reports in Debian/Mageia advisories indicate fixes are available in updated catdoc packages (e.g....

Catdoc utilities OLE Document DIFAT Parser integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2132 Catdoc utilities OLE Document DIFAT Parser integer underflow vulnerability June 2, 2025 CVE Number CVE-2024-54028 SUMMARY An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malform...

PT-2025-23528 · Catdoc +1 · Catdoc +1

Name of the Vulnerable Software and Affected Versions: catdoc version 0.95 Description: An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file t...

CVE-2009-3032

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE...

Integer overflow

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE...

CVE-2009-3032

CVE-2009-3032 describes a heap-based buffer overflow in Autonomy KeyView Filter SDK (kvolefio.dll v8.5.0.8339 and v10.5.0.0) triggered by processing crafted OLE documents, impacting products that embed KeyView (e.g., IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.x). The v...

Multi-Vendor Autonomy KeyView Filter Module OLE Document Processing Overflow

SUMMARY Symantec products that ship a third-party Autonomy KeyView filter have updated the module to address a vulnerability in the processing of specifically crafted OLE documents reported against the KeyView module. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symante...

Moderate: Red Hat Security Advisory: libgsf security update

Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and writing structured file formats. A heap based buff...

GLSA-200612-13 : libgsf: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200612-13 libgsf: Buffer overflow 'infamous41md' has discovered that the 'oleinitinfo' function may allocate too little memory for storing the contents of an OLE document, resulting in a heap buffer overflow. Impact : An attacker...

libgsf: Buffer overflow

Background The GNOME Structured File Library is an I/O library that can read and write common file types and handle structured formats that provide file-system-in-a-file semantics. Description "infamous41md" has discovered that the "oleinitinfo" function may allocate too little memory for storing...

LibGSF程序库远程堆溢出漏洞

GNOME结构化文件库（LibGSF）是用于读写结构化文件格式的工具库。 多家厂商的操作系统中所捆绑的libgsf库的oleinitinfo函数中存在堆溢出漏洞，远程攻击者可能利用此漏洞在用户机器上执行任意指令。 在分配内存时oleinitinfo函数仅获得了numbat中所指定数目的空间，然后在读取文件内容时nummetabat中所指定的数目被用作了循环的边界。由于没有充分地验证变量，因此攻击者可能通过诱骗用户打开特制的OLE文档触发堆溢出，导致执行任意指令。 Jody Goldberg libgsf 1.14.1 Jody Goldberg libgsf 1.14 Jody...

CVE-2006-4514

Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...