Debian update for htmldoc



Published: 2021-06-10
Risk High
Patch available YES
Number of vulnerabilities 8
CVE ID CVE-2021-23158
CVE-2021-23165
CVE-2021-23180
CVE-2021-23191
CVE-2021-23206
CVE-2021-26252
CVE-2021-26259
CVE-2021-26948
CWE ID CWE-415
CWE-122
CWE-20
CWE-121
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
htmldoc (Debian package)
Operating systems & Components / Operating system package or component

Vendor Debian

Security Advisory

1) Double Free

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-23158

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the pspdf_export(0 function in ps-pdf.cxx when processing JPEG images. A remote attacker can pass specially crafted data to the application, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update htmldoc package to version 1.9.3-1+deb10u2.

Vulnerable software versions

htmldoc (Debian package): 1.9.2-1, 1.9.2-2, 1.9.3, 1.9.3-1, 1.9.7-1, 1.9.8, 1.9.8-1, 1.9.8-2

CPE External links

https://www.debian.org/security/2021/dsa-4928

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Heap-based buffer overflow

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-23165

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the pspdf_prepare_outpages() function in ps-pdf.cxx. A remote attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and crash the library.


Mitigation

Update htmldoc package to version 1.9.3-1+deb10u2.

Vulnerable software versions

htmldoc (Debian package): 1.9.2-1, 1.9.2-2, 1.9.3, 1.9.3-1, 1.9.7-1, 1.9.8, 1.9.8-1, 1.9.8-2

CPE External links

https://www.debian.org/security/2021/dsa-4928

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-23180

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the file_extension() function in file.c. A remote attacker can pass specially crafted URI to the application and perform a denial of service (DoS) attack.

Mitigation

Update htmldoc package to version 1.9.3-1+deb10u2.

Vulnerable software versions

htmldoc (Debian package): 1.9.2-1, 1.9.2-2, 1.9.3, 1.9.3-1, 1.9.7-1, 1.9.8, 1.9.8-1, 1.9.8-2

CPE External links

https://www.debian.org/security/2021/dsa-4928

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-23191

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted JPEG image to the application and perform a denial of service (DoS) attack.

Mitigation

Update htmldoc package to version 1.9.3-1+deb10u2.

Vulnerable software versions

htmldoc (Debian package): 1.9.2-1, 1.9.2-2, 1.9.3, 1.9.3-1, 1.9.7-1, 1.9.8, 1.9.8-1, 1.9.8-2

CPE External links

https://www.debian.org/security/2021/dsa-4928

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Stack-based buffer overflow

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-23206

CWE-ID: CWE-121 - Stack-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing table attributes in parse_table() function in ps-pdf.cxx. A remote unauthenticated attacker can pass specially crafted data to the application, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update htmldoc package to version 1.9.3-1+deb10u2.

Vulnerable software versions

htmldoc (Debian package): 1.9.2-1, 1.9.2-2, 1.9.3, 1.9.3-1, 1.9.7-1, 1.9.8, 1.9.8-1, 1.9.8-2

CPE External links

https://www.debian.org/security/2021/dsa-4928

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Heap-based buffer overflow

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-26252

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the pspdf_prepare_page() function ps-pdf.cxx. A remote attacker can pass specially crafted JPEG image to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update htmldoc package to version 1.9.3-1+deb10u2.

Vulnerable software versions

htmldoc (Debian package): 1.9.2-1, 1.9.2-2, 1.9.3, 1.9.3-1, 1.9.7-1, 1.9.8, 1.9.8-1, 1.9.8-2

CPE External links

https://www.debian.org/security/2021/dsa-4928

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Heap-based buffer overflow

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-26259

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the render_table_row() function in ps-pdf.cxx. A remote attacker can pass specially crafted JPEG image to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update htmldoc package to version 1.9.3-1+deb10u2.

Vulnerable software versions

htmldoc (Debian package): 1.9.2-1, 1.9.2-2, 1.9.3, 1.9.3-1, 1.9.7-1, 1.9.8, 1.9.8-1, 1.9.8-2

CPE External links

https://www.debian.org/security/2021/dsa-4928

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Input validation error

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-26948

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted URI to the application and perform a denial of service (DoS) attack.

Mitigation

Update htmldoc package to version 1.9.3-1+deb10u2.

Vulnerable software versions

htmldoc (Debian package): 1.9.2-1, 1.9.2-2, 1.9.3, 1.9.3-1, 1.9.7-1, 1.9.8, 1.9.8-1, 1.9.8-2

CPE External links

https://www.debian.org/security/2021/dsa-4928

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###