CVE-2017-2792

CRITICAL Year: 2017
CVSS v3 Score
9.6
Critical
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-119
View all →

Vulnerability Description

An exploitable heap corruption vulnerability exists in the iBldDirInfo functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can provide a malicious xls file to trigger this vulnerability.

Related Vulnerabilities

CVE-2015-7939

CRITICAL
CVSS:9.6(Critical)

Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename.

CWE-1192015

CVE-2016-0003

CRITICAL
CVSS:9.6(Critical)

Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Microsoft Edge Memory Corruption Vulnerability."

CWE-1192016

CVE-2016-4734

CRITICAL
CVSS:9.6(Critical)

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a differe...

CWE-1192016

CVE-2016-7277

CRITICAL
CVSS:9.6(Critical)

Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

CWE-1192016

CVE-2017-11309

CRITICAL
CVSS:9.6(Critical)

Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response.

CWE-1192017

CVE-2017-12367

CRITICAL
CVSS:9.6(Critical)

A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A re...

CWE-1192017