NVD

Id
85884  
Name
CVE-2017-2798  
Description
An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send or provide a malicious XLS file to trigger this vulnerability.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-06-12  
Published
2017-05-24  
Modified Date
2017-06-06  
Seq
2017-2798  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
422472 85884 CVE-2017-0259 98113  View
422473 85884 CVE-2017-0259 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0259  View
422474 85884 CVE-2017-0259 98113  View
422475 85884 CVE-2017-0259 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0259  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
68161 JVNDB-2017-004418 MarkLogic で使用される Antenna House DMC HTMLFilter の GetIndexArray 関数におけるバッファエラーの脆弱性 MarkLogic で使用される Antenna House DMC HTMLFilter の GetIndexArray 関数には、バッファエラーの脆弱性が存在します。 CVE-2017-2798 0 CVE-2017-2798 85884 6.8 7.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-004418.html 2017-05-04 2017-06-26 View