An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
References
| Link | Resource |
|---|---|
| https://talosintelligence.com/vulnerability_reports/TALOS-2024-2132 | Exploit Third Party Advisory |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2132 | Exploit Third Party Advisory |
Configurations
History
25 Aug 2025, 14:17
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://talosintelligence.com/vulnerability_reports/TALOS-2024-2132 - Exploit, Third Party Advisory | |
| References | () https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2132 - Exploit, Third Party Advisory | |
| First Time |
Catdoc Project
Catdoc Project catdoc |
|
| CPE | cpe:2.3:a:catdoc_project:catdoc:0.95:*:*:*:*:*:*:* | |
| Summary |
|
02 Jun 2025, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
02 Jun 2025, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-06-02 15:15
Updated : 2025-08-25 14:17
NVD link : CVE-2024-54028
Mitre link : CVE-2024-54028
CVE.ORG link : CVE-2024-54028
JSON object : View
Products Affected
catdoc_project
- catdoc
CWE
CWE-191
Integer Underflow (Wrap or Wraparound)