Your submission was sent successfully! Close

CVE-2021-43579

Published: 10 January 2022

A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
htmldoc
Launchpad, Ubuntu, Debian
bionic Needed

focal Needed

hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

trusty Needed

upstream
Released (1.9.13-1)
xenial Ignored
(out of standard support)