HTMLDoc 1.9.15 html.cxx write_header heap-based overflow

A vulnerability was found in HTMLDoc 1.9.15 and classified as critical. Affected by this issue is the function write_header of the file /htmldoc/htmldoc/html.cxx. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com.

Field07/19/2022 10:01 AM08/06/2022 11:14 AM08/06/2022 11:21 AM
cvss2_vuldb_basescore5.25.25.2
cvss2_vuldb_tempscore5.25.25.2
cvss3_vuldb_basescore5.55.55.5
cvss3_vuldb_tempscore5.55.55.5
cvss3_meta_basescore5.55.56.5
cvss3_meta_tempscore5.55.56.5
price_0day$0-$5k$0-$5k$0-$5k
nameHTMLDocHTMLDocHTMLDoc
version1.9.151.9.151.9.15
file/htmldoc/htmldoc/html.cxx/htmldoc/htmldoc/html.cxx/htmldoc/htmldoc/html.cxx
functionwrite_headerwrite_headerwrite_header
cwe122 (heap-based overflow)122 (heap-based overflow)122 (heap-based overflow)
risk222
cvss3_vuldb_acLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_vuldb_rcCCC
identifier425425425
urlhttps://github.com/michaelrsweet/htmldoc/issues/425https://github.com/michaelrsweet/htmldoc/issues/425https://github.com/michaelrsweet/htmldoc/issues/425
cveCVE-2022-34033CVE-2022-34033CVE-2022-34033
cve_assigned1655676000 (06/20/2022)1655676000 (06/20/2022)1655676000 (06/20/2022)
cve_nvd_summaryHTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273.HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273.HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273.
date1658181600 (07/19/2022)1658181600 (07/19/2022)1658181600 (07/19/2022)
cvss2_vuldb_acLLL
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_avAAA
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_prLLL
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
patch_urlhttps://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937ehttps://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cN
cvss3_nvd_iN
cvss3_nvd_aH
cvss3_nvd_basescore7.5

Might our Artificial Intelligence support you?

Check our Alexa App!