CVE-2021-43579
published 2022-01-10CVE-2021-43579: A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a…
PriorityP347high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
7.35%
93.6th percentile
A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | htmldoc | < htmldoc 1.9.13-1 (bookworm) | htmldoc 1.9.13-1 (bookworm) |
| htmldoc_project | htmldoc | <= 1.9.13 | — |
| htmldoc_project | htmldoc | >= 0 < 1.9.11-4+deb11u1 | 1.9.11-4+deb11u1 |
| htmldoc_project | htmldoc | >= 0 < 1.9.13-1 | 1.9.13-1 |
| htmldoc_project | htmldoc | >= 0 < 1.9.13-1 | 1.9.13-1 |
| htmldoc_project | htmldoc | >= 0 < 1.9.13-1 | 1.9.13-1 |
| htmldoc_project | htmldoc | >= 0 < 1.8.27-8ubuntu1+esm3 | 1.8.27-8ubuntu1+esm3 |
| htmldoc_project | htmldoc | >= 0 < 1.8.27-8ubuntu1.1+esm2 | 1.8.27-8ubuntu1.1+esm2 |
| htmldoc_project | htmldoc | >= 0 < 1.9.2-1ubuntu0.2+esm1 | 1.9.2-1ubuntu0.2+esm1 |
| htmldoc_project | htmldoc | >= 0 < 1.9.7-1ubuntu0.3+esm1 | 1.9.7-1ubuntu0.3+esm1 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_ubuntu9.8CRITICAL
vendor_debian7.8LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
HTMLDOC vulnerabilities
osv·2025-01-08·CVSS 9.8
CVE-2021-20308 [CRITICAL] HTMLDOC vulnerabilities
HTMLDOC vulnerabilities
It was discovered that HTMLDOC incorrectly handled certain inputs, which
could lead to an integer overflow. An attacker could potentially use this
issue to cause a denial of service or execute arbitrary code.
(CVE-2021-20308)
It was discovered that HTMLDOC incorrectly handled memory in pspdf_export,
which could lead to a double-free. An attacker could potentially use this
issue to cause a denial of service or execute arbitrary code.
(CVE-2021-23158)
It was discovered that HTMLDOC incorrectly handled memory when loading a
JPEG image, which could lead to a NULL pointer dereference. An attacker
could potentially use this issue to cause a denial of service.
(CVE-2021-23191, CVE-2021-26948)
It was discovered that HTMLDOC incorrectly handled certain inputs, which
coul
GHSA
GHSA-999x-mjp8-5gfp: A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1
ghsa_unreviewed·2022-01-11
CVE-2021-43579 [HIGH] CWE-787 GHSA-999x-mjp8-5gfp: A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1
A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.
OSV
CVE-2021-43579: A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1
osv·2022-01-10·CVSS 7.8
CVE-2021-43579 [HIGH] CVE-2021-43579: A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1
A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.
Ubuntu
HTMLDOC vulnerabilities
vendor_ubuntu·2025-01-08·CVSS 9.8
CVE-2021-34121 [CRITICAL] HTMLDOC vulnerabilities
Title: HTMLDOC vulnerabilities
Summary: Several security issues were fixed in HTMLDOC.
It was discovered that HTMLDOC incorrectly handled certain inputs, which
could lead to an integer overflow. An attacker could potentially use this
issue to cause a denial of service or execute arbitrary code.
(CVE-2021-20308)
It was discovered that HTMLDOC incorrectly handled memory in pspdf_export,
which could lead to a double-free. An attacker could potentially use this
issue to cause a denial of service or execute arbitrary code.
(CVE-2021-23158)
It was discovered that HTMLDOC incorrectly handled memory when loading a
JPEG image, which could lead to a NULL pointer dereference. An attacker
could potentially use this issue to cause a denial of service.
(CVE-2021-23191, CVE-2021-26948)
It was discov
Debian
CVE-2021-43579: htmldoc - A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results i...
vendor_debian·2021·CVSS 7.8
CVE-2021-43579 [HIGH] CVE-2021-43579: htmldoc - A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results i...
A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.
Scope: local
bookworm: resolved (fixed in 1.9.13-1)
bullseye: resolved (fixed in 1.9.11-4+deb11u1)
forky: resolved (fixed in 1.9.13-1)
sid: resolved (fixed in 1.9.13-1)
trixie: resolved (fixed in 1.9.13-1)
No detection rules found.
No writeups or analysis indexed.
https://github.com/michaelrsweet/htmldoc/commit/27d08989a5a567155d506ac870ae7d8cc88fa58bhttps://github.com/michaelrsweet/htmldoc/compare/v1.9.12...v1.9.13https://github.com/michaelrsweet/htmldoc/issues/453https://github.com/michaelrsweet/htmldoc/issues/456https://lists.debian.org/debian-lts-announce/2022/02/msg00022.htmlhttps://github.com/michaelrsweet/htmldoc/commit/27d08989a5a567155d506ac870ae7d8cc88fa58bhttps://github.com/michaelrsweet/htmldoc/compare/v1.9.12...v1.9.13https://github.com/michaelrsweet/htmldoc/issues/453https://github.com/michaelrsweet/htmldoc/issues/456https://lists.debian.org/debian-lts-announce/2022/02/msg00022.html
2022-01-10
Published