CVE-2017-11110

2017-07-0800:00:00

ubuntu.com

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

49.5%

JSON

The ole_init function in ole.c in catdoc 0.95 allows remote attackers to
cause a denial of service (heap-based buffer underflow and application
crash) or possibly have unspecified other impact via a crafted file, i.e.,
data is written to memory addresses before the beginning of the tmpBuf
buffer.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867717>

Notes

Author	Note
sbeattie	reproducer in redhat bug report

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchcatdoc< 0.94.4-1.1+deb8u1build0.14.04.1UNKNOWN
ubuntu16.04noarchcatdoc< 1:0.94.3~git20160113.dbc9ec6+dfsg-1+deb9u1build0.16.04.1UNKNOWN
ubuntu17.04noarchcatdoc< 1:0.94.3~git20160113.dbc9ec6+dfsg-1+deb9u1build0.17.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	14.04	noarch	catdoc	< 0.94.4-1.1+deb8u1build0.14.04.1	UNKNOWN
ubuntu	16.04	noarch	catdoc	< 1:0.94.3~git20160113.dbc9ec6+dfsg-1+deb9u1build0.16.04.1	UNKNOWN
ubuntu	17.04	noarch	catdoc	< 1:0.94.3~git20160113.dbc9ec6+dfsg-1+deb9u1build0.17.04.1	UNKNOWN