CATDOC 'ole_init' Letter Denial of Service Vulnerability

catdoc is a Word text extraction software. The software is able to extract readable text from Word with character encoding conversion. A security vulnerability exists in the 'oleinit' function of the ole.c file in catdoc version 0.95. A remote attacker can exploit this vulnerability with a...

CVE-2017-11110

The oleinit function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service heap-based buffer underflow and application crash or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer...