Published: 24 December 2018
GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.
From the Ubuntu security team
It was discovered that Libextractor incorrectly handled metadata. An attacker could possibly use this issue to cause a denial of service.
CVSS 3 base score: 6.5
Launchpad, Ubuntu, Debian
|Ubuntu 21.04 (Hirsute Hippo)||
|Ubuntu 20.10 (Groovy Gorilla)||
|Ubuntu 20.04 LTS (Focal Fossa)||
|Ubuntu 18.04 LTS (Bionic Beaver)||
|Ubuntu 16.04 ESM (Xenial Xerus)||
|Ubuntu 14.04 ESM (Trusty Tahr)||
Does not exist
(trusty was needed)