PT-2025-23527 · Catdoc

A Member · Published 2025-06-02 · Updated 2025-10-07 · CVE-2024-52035

CVSS v3.1: 8.4 (High)
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

catdoc version 0.95

Description

An integer overflow issue exists in the OLE Document File Allocation Table Parser functionality. This can be triggered by a specially crafted malformed file, leading to heap-based memory corruption. An attacker can exploit this by providing a malicious file.

Recommendations

For catdoc version 0.95, consider avoiding the use of the OLE Document File Allocation Table Parser functionality with untrusted files until a patch is available. As a temporary workaround, restrict the processing of malformed files to minimize the risk of exploitation.

Weakness Enumeration

Integer Overflow

Related Identifiers

BDU:2025-12924
CVE-2024-52035
DLA-4234-1
DSA-5953-1
MGASA-2025-0202

Affected Products

Astra Linux
Debian
Red Os
Catdoc