CVE-2018-20453

Name of the Vulnerable Software and Affected Versions libdoc through 2017-10-23

Description The issue is related to a heap-based buffer over-read in the getlong function in numutils.c, which can be exploited by attackers to cause a denial of service, resulting in an application crash. This can be achieved by providing a crafted file.

Recommendations For libdoc through 2017-10-23, consider updating to a version released after 2017-10-23 to resolve the issue. As a temporary workaround, restrict the processing of crafted files to minimize the risk of exploitation.