CVE-2024-35333

Name of the Vulnerable Software and Affected Versions html2xhtml version 1.3

Description A stack-buffer-overflow issue exists in the read charset decl function due to improper bounds checking when copying data into a fixed-size stack buffer. An attacker can exploit this by providing a specially crafted input, causing a buffer overflow and potentially leading to arbitrary code execution, denial of service, or data corruption.

Recommendations For html2xhtml version 1.3, as a temporary workaround, consider disabling the read charset decl function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.