OESA-2026-2614

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2614
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2026-2614.json
JSON Data
https://api.osv.dev/v1/vulns/OESA-2026-2614
Upstream
Published
2026-06-12T12:24:59Z
Modified
2026-06-12T12:45:05.995958999Z
Summary
catdoc security update
Details

catdoc is program which reads one or more Microsoft word files and outputs text, contained insinde them to standard output. Therefore it does same work for.doc files, as unix cat command for plain ASCII files. It is now accompanied by xls2csv - program which converts Excel spreadsheet into comma-separated value file, and catppt - utility to extract textual information from Powerpoint files

Security Fix(es):

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.(CVE-2024-48877)

An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.(CVE-2024-52035)

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.(CVE-2024-54028)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:24.03-LTS-SP3 / catdoc

Package

Name
catdoc
Purl
pkg:rpm/openEuler/catdoc&distro=openEuler-24.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.95-2.oe2403sp3

Ecosystem specific 

{
    "x86_64": [
        "catdoc-0.95-2.oe2403sp3.x86_64.rpm",
        "catdoc-debuginfo-0.95-2.oe2403sp3.x86_64.rpm",
        "catdoc-debugsource-0.95-2.oe2403sp3.x86_64.rpm"
    ],
    "src": [
        "catdoc-0.95-2.oe2403sp3.src.rpm"
    ],
    "aarch64": [
        "catdoc-0.95-2.oe2403sp3.aarch64.rpm",
        "catdoc-debuginfo-0.95-2.oe2403sp3.aarch64.rpm",
        "catdoc-debugsource-0.95-2.oe2403sp3.aarch64.rpm"
    ]
}

Database specific

source 
"https://repo.openeuler.org/security/data/osv/OESA-2026-2614.json"