CVE-2017-2794

Name of the Vulnerable Software and Affected Versions MarkLogic versions 8.0-6

Description A stack-based buffer overflow issue exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic. This can be triggered by a specially crafted PPT file, leading to stack corruption and potentially allowing arbitrary code execution. An attacker can exploit this by sending or providing a malicious PPT file.

Recommendations For MarkLogic versions 8.0-6, consider disabling the DHFSummary functionality until a patch is available to prevent exploitation through malicious PPT files.