{"id":"CVE-2017-11110","details":"The ole_init function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service (heap-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer.","modified":"2026-02-04T04:07:59.200385Z","published":"2017-07-08T17:29:00Z","related":["MGASA-2017-0240"],"references":[{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1468471"}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}