htmldoc

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description HTML Conversion Software
Version 1.9.12-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1773 1.9.11-1 1.9.12-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2021-26948 AVG-1773 Low No Denial of service
A null pointer dereference in htmldoc before version 1.9.12 may allow attackers to cause a denial of service via a crafted html file.
CVE-2021-26259 AVG-1773 Medium No Arbitrary code execution
A security issue was found in htmldoc before version 1.9.12. A heap buffer overflow in render_table_row() in ps-pdf.cxx may lead to arbitrary code execution...
CVE-2021-26252 AVG-1773 Medium No Arbitrary code execution
A security issue was found in htmldoc before version 1.9.12. A heap buffer overflow in pspdf_prepare_page() in ps-pdf.cxx may lead to arbitrary code...
CVE-2021-23206 AVG-1773 Medium No Arbitrary code execution
A security issue was found in htmldoc before version 1.9.12. A stack buffer overflow in parse_table() in ps-pdf.cxx may lead to arbitrary code execution and...
CVE-2021-23191 AVG-1773 Low No Denial of service
A security issue was found in htmldoc before version 1.9.12. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may result in denial...
CVE-2021-23180 AVG-1773 Low No Denial of service
A security issue was found in htmldoc before version 1.9.12. A null pointer dereference in file_extension() in file.c may lead to denial of service.
CVE-2021-23165 AVG-1773 Medium No Arbitrary code execution
A security issue was found in htmldoc before version 1.9.12. A heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to arbitrary code...
CVE-2021-23158 AVG-1773 Medium No Arbitrary code execution
A security issue was found in htmldoc before version 1.9.12. Double- free in function pspdf_export() in ps-pdf.cxx may result in a write- what-where...
CVE-2021-20308 AVG-1773 Medium No Arbitrary code execution
Integer overflow in htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181.