Vulnerabilities (CVE)

Filtered by vendor Antennahouse Subscribe
Filtered by product Office Server Document Converter
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-20839 1 Antennahouse 1 Office Server Document Converter 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity (XXE) attack to cause a denial of service (DoS) condition to the other servers by processing a specially crafted XML document.
CVE-2021-20838 1 Antennahouse 1 Office Server Document Converter 2024-11-21 5.0 MEDIUM 7.5 HIGH
Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity (XXE) attack to cause a denial of service (DoS) condition by processing a specially crafted XML document.
CVE-2018-3936 2 Antennahouse, Linux 2 Office Server Document Converter, Linux Kernel 2024-11-21 6.8 MEDIUM 8.8 HIGH
In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution.
CVE-2018-3933 2 Antennahouse, Linux 2 Office Server Document Converter, Linux Kernel 2024-11-21 6.8 MEDIUM 8.8 HIGH
An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `vbputanld` method.
CVE-2018-3932 2 Antennahouse, Linux 2 Office Server Document Converter, Linux Kernel 2024-11-21 6.8 MEDIUM 8.8 HIGH
An exploitable stack-based buffer overflow exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted Microsoft Word (DOC) document can lead to a stack-based buffer overflow, resulting in remote code execution.
CVE-2018-3931 2 Antennahouse, Linux 2 Office Server Document Converter, Linux Kernel 2024-11-21 6.8 MEDIUM 7.8 HIGH
In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `putShapeProperty` method.
CVE-2018-3930 2 Antennahouse, Linux 2 Office Server Document Converter, Linux Kernel 2024-11-21 6.8 MEDIUM 7.8 HIGH
In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `vbgetfp` method.
CVE-2018-3929 2 Antennahouse, Linux 2 Office Server Document Converter, Linux Kernel 2024-11-21 6.8 MEDIUM 7.8 HIGH
An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted PowerPoint (PPT) document can lead to heap corruption, resulting in remote code execution.