OESA-2026-2613 catdoc security update

catdoc is program which reads one or more Microsoft word files and outputs text, contained insinde them to standard output. Therefore it does same work for.doc files, as unix cat command for plain ASCII files. It is now accompanied by xls2csv - program which converts Excel spreadsheet into...

Astra Linux – Vulnerability in catdoc

There is a memory corruption vulnerability in the implementation of the Shared String Table Record Parser in the xls2csv utility version 0.95. A specially crafted, malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to exploit this vulnerability...

ROS-20251007-01

A vulnerability in the command-line utility for extracting text content from Microsoft Word files catdoc is related to an integer overflow in the OLE Document DIFAT parser function. Exploitation vulnerability could allow an attacker to execute arbitrary code on the target system Vulnerability in ...

EUVD-2024-54625

Malicious code in bioql PyPI...

EUVD-2023-50565

Malicious code in bioql PyPI...

EUVD-2023-46126

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-46345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/xlsparse.c. CVE-2023-46345 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2023-41633

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c. CVE-2023-41633 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2024-48877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed...

MGASA-2025-0202 Updated catdoc packages fix security vulnerabilities

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in the xls2csv utility version 0.95. CVE-2024-48877 An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. CVE-2024-52035 An integer...

CVE-2024-48877

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-48877

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-48877

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

DEBIAN-CVE-2024-48877

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

UBUNTU-CVE-2024-48877

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-48877

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-48877

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-48877

CVE-2024-48877 describes a memory corruption in the xls2csv 0.95 Shared String Table Record Parser, leading to a heap buffer overflow when processing a crafted file. The CVE is reflected across multiple advisories: Debian has released fixes (catdoc 0.95-4.1+deb11u1 for Bullseye and 0.95-6~deb12u1...

PT-2025-23526

Name of the Vulnerable Software and Affected Versions xls2csv utility version 0.95 Description A memory corruption issue exists in the Shared String Table Record Parser implementation. This can be triggered by a specially crafted malformed file, leading to a heap buffer overflow. An attacker can...

Catdoc xls2csv utility Shared String Table Record Parser memory corruption vulnerability

Talos Vulnerability Report TALOS-2024-2128 Catdoc xls2csv utility Shared String Table Record Parser memory corruption vulnerability June 2, 2025 CVE Number CVE-2024-48877 SUMMARY A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility...