An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigger this vulnerability.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.talosintelligence.com/reports/TALOS-2017-0285/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: talos
Published: 2017-05-23T16:00:00
Updated: 2024-08-05T14:02:07.751Z
Reserved: 2016-12-01T00:00:00
Link: CVE-2017-2793
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-05-23T16:29:00.287
Modified: 2022-04-19T19:15:20.967
Link: CVE-2017-2793
Redhat
No data.