Search Results | AttackerKB

Show filters

Topics 4 Users 9,788

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2023-46345

Disclosure Date: October 26, 2023 (last updated February 25, 2025)

Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/xlsparse.c.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-41633

Disclosure Date: September 01, 2023 (last updated February 25, 2025)

Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-31979

Disclosure Date: May 09, 2023 (last updated February 24, 2025)

Catdoc v0.95 was discovered to contain a global buffer overflow via the function process_file at /src/reader.c.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2017-11110

Disclosure Date: July 08, 2017 (last updated November 26, 2024)

The ole_init function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service (heap-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer.

0