Description
Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181.
References
https://bugzilla.redhat.com/show_bug.cgi?id=1946289
ExploitIssue TrackingThird Party Advisory
https://github.com/michaelrsweet/htmldoc/issues/423
ExploitIssue TrackingThird Party Advisory
https://lists.debian.org/debian-lts-announce/2021/07/msg00000.html
Mailing ListThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 · Critical
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-04-05T22:15:12.947
4 years agoLast modified
2021-12-03T18:23:01.467
3 years ago