| Errata ID | 292 |
|---|---|
| Date | 2018-02-14 |
| Source package | catdoc |
| Fixed in version | 0.94.4-1.1.A~4.2.3.201801211553 |
| Description | This update addresses the following issue: * The ole_init function in ole.c in catdoc allows remote attackers to cause a denial of service (heap-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer. (CVE-2017-11110) |
| Additional notes | |
| CVE ID | CVE-2017-11110 |
| UCS Bug number | #45150 |
