---

Log

CVE-2021-23191 edited at 02 Jun 2021 11:02:13
Severity	- Unknown + Low
Remote	- Unknown + Local
Type	- Unknown + Denial of service
Description	+ A security issue was found in htmldoc before version 1.9.12. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may result in denial of service.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1967022 + https://github.com/michaelrsweet/htmldoc/issues/415 + https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc

AVG-1773 edited at 02 Jun 2021 11:01:06
Issues	CVE-2021-20308 CVE-2021-23158 CVE-2021-23165 + CVE-2021-23191 CVE-2021-26252 CVE-2021-26948

CVE-2021-23191 created at 02 Jun 2021 11:01:06
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes

CVE-2021-23158 edited at 02 Jun 2021 10:55:30
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ A security issue was found in htmldoc before version 1.9.12. Double-free in function pspdf_export() in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1967018 + https://github.com/michaelrsweet/htmldoc/issues/414 + https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc

AVG-1773 edited at 02 Jun 2021 10:54:19
Issues	CVE-2021-20308 + CVE-2021-23158 CVE-2021-23165 CVE-2021-26252 CVE-2021-26948

CVE-2021-23158 created at 02 Jun 2021 10:54:19
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes

CVE-2021-23165 edited at 02 Jun 2021 10:50:43
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ A security issue was found in htmldoc before version 1.9.12. A heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to arbitrary code execution and denial of service.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1967014 + https://github.com/michaelrsweet/htmldoc/issues/413 + https://github.com/michaelrsweet/htmldoc/commit/6e8a95561988500b5b5ae4861b3b0cbf4fba517f

AVG-1773 edited at 02 Jun 2021 10:49:25
Issues	CVE-2021-20308 + CVE-2021-23165 CVE-2021-26252 CVE-2021-26948

CVE-2021-23165 created at 02 Jun 2021 10:49:25
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes

CVE-2021-26948 edited at 02 Jun 2021 10:49:06
Severity	- Unknown + Low
Remote	- Unknown + Local
Type	- Unknown + Denial of service
Description	+ A null pointer dereference in htmldoc before version 1.9.12 may allow attackers to cause a denial of service via a crafted html file.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1967001 + https://github.com/michaelrsweet/htmldoc/issues/410 + https://github.com/michaelrsweet/htmldoc/commit/008861d8339c6ec777e487770b70b95b1ed0c1d2

CVE-2021-26252 edited at 02 Jun 2021 10:47:35
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ A security issue was found in htmldoc before version 1.9.12. A heap buffer overflow in pspdf_prepare_page() in ps-pdf.cxx may lead to arbitrary code execution and denial of service.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1967009 + https://github.com/michaelrsweet/htmldoc/issues/412 + https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc

AVG-1773 edited at 02 Jun 2021 10:46:07
Issues	CVE-2021-20308 + CVE-2021-26252 + CVE-2021-26948

CVE-2021-26252 created at 02 Jun 2021 10:46:07
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes

AVG-1773 edited at 02 Jun 2021 10:46:07
Issues	CVE-2021-20308 + CVE-2021-26252 + CVE-2021-26948

CVE-2021-26948 created at 02 Jun 2021 10:46:07
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes