Lucene search
+L
FossiesCatdoc

6 matches found

CVE
CVE
added 2025/06/02 3:0 p.m.80 views

CVE-2024-52035

CVE-2024-52035 concerns catdoc 0.95, where an integer overflow in the OLE Document File Allocation Table Parser can cause heap-based memory corruption when processing a crafted file. The vulnerability is documented across multiple sources (NVD and Debian advisories) and is exploitable locally via...

8.4CVSS7.1AI score0.00252EPSS
CVE
CVE
added 2025/06/02 3:0 p.m.73 views

CVE-2024-54028

CVE-2024-54028 is a memory corruption vulnerability in catdoc 0.95, caused by an integer underflow in the OLE Document DIFAT Parser. A specially crafted file can trigger heap-based memory corruption. Reports in Debian/Mageia advisories indicate fixes are available in updated catdoc packages (e.g....

8.4CVSS6.8AI score0.00252EPSS
CVE
CVE
added 2017/07/08 5:0 p.m.72 views

CVE-2017-11110

CVE-2017-11110 affects catdoc 0.95, with a heap-based buffer underflow in ole_init (ole.c) that can be triggered by a crafted file, potentially allowing remote denial of service or other impact. Public advisories from Mageia, Debian, openSUSE, and others confirm the issue and provide patches; exa...

7.8CVSS7.9AI score0.01234EPSS
CVE
CVE
added 2023/09/01 12:0 a.m.50 views

CVE-2023-41633

Catdoc v0.95 contains a NULL pointer dereference in the xls2csv component (src/fileutil.c). This CVE (CVE-2023-41633) is supported by multiple sources (NVD, Red Hat, OSV, etc.). The vulnerability can cause crashes (availability impact), but exploitation details and a vendor patch are not provided...

5.5CVSS5.5AI score0.00205EPSS
CVE
CVE
added 2023/05/09 12:0 a.m.46 views

CVE-2023-31979

Catdoc v0.95 is affected by CVE-2023-31979: a global buffer overflow in the function process_file at /src/reader.c. Reports across NVD/OSV indicate high impact (C/H/I/A) with LOCAL attack vector and user interaction required. No patch/remediation details are provided in the connected documents; e...

7.8CVSS7.8AI score0.00277EPSS
CVE
CVE
added 2023/10/25 12:0 a.m.45 views

CVE-2023-46345

Catdoc v0.95 is affected by a NULL pointer dereference in the xls2csv component (src/xlsparse.c). The issue can impact availability (per CVSS: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) but does not affect confidentiality or integrity per the same entry. There is no publicly documented fix or patched v...

7.5CVSS7.5AI score0.00576EPSS