← Back

Fossies

fossies

6 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Catdoc
catdoc
6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-54028
3Catdoc Project
DebianFossies
3Catdoc
CatdocDebian Linux
Jun 17, 2026
Jun 2, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious fi...Show more
An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.Show less
CVE-2024-52035
3Catdoc Project
DebianFossies
3Catdoc
CatdocDebian Linux
Jun 17, 2026
Jun 2, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide...Show more
An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.Show less
CVE-2023-46345
1Fossies
1Catdoc
Jun 17, 2026
Oct 26, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/xlsparse.c.
CVE-2023-41633
2Catdoc Project
Fossies
2Catdoc
Catdoc
Jun 17, 2026
Sep 1, 2023
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.
CVE-2023-31979
2Catdoc Project
Fossies
2Catdoc
Catdoc
Jun 17, 2026
May 9, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Catdoc v0.95 was discovered to contain a global buffer overflow via the function process_file at /src/reader.c.
CVE-2017-11110
1Fossies
1Catdoc
May 13, 2026
Jul 8, 2017
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
The ole_init function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service (heap-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted file, i.e., d...Show more
The ole_init function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service (heap-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer.Show less