PT-2022-27175 · Unknown · Html2Xhtml

Halcy0Nic

Published

2022-11-08

Updated

2025-05-01

CVE-2022-44311

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions html2xhtml version 1.3

Description The issue is related to an Out-Of-Bounds read in the elm close() function at procesador.c. This allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file.

Recommendations For html2xhtml version 1.3, consider disabling the elm close() function as a temporary workaround until a patch is available. Restrict access to sensitive files to minimize the risk of exploitation. Avoid using crafted html files that could trigger the Out-Of-Bounds read in the elm close() function until the issue is resolved.

Exploit

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2022-44311

Affected Products

Html2Xhtml

PT-2022-27175 · Unknown · Html2Xhtml

CVE-2022-44311

Weakness Enumeration

Related Identifiers

Affected Products

References · 7