GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function historyextract() in plugins/ole2extractor.c, related to EXTRACTORcommonconverttoutf8 in common/convert.c.
{ "binaries": [ { "binary_version": "1:1.3-1ubuntu0.1~esm1", "binary_name": "extract" }, { "binary_version": "1:1.3-1ubuntu0.1~esm1", "binary_name": "extract-dbgsym" }, { "binary_version": "1:1.3-1ubuntu0.1~esm1", "binary_name": "libextractor-dbg" }, { "binary_version": "1:1.3-1ubuntu0.1~esm1", "binary_name": "libextractor-dev" }, { "binary_version": "1:1.3-1ubuntu0.1~esm1", "binary_name": "libextractor-dev-dbgsym" }, { "binary_version": "1:1.3-1ubuntu0.1~esm1", "binary_name": "libextractor3" }, { "binary_version": "1:1.3-1ubuntu0.1~esm1", "binary_name": "libextractor3-dbgsym" } ], "ubuntu_priority": "medium", "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "binaries": [ { "binary_version": "1:1.3-4+deb9u3build0.16.04.1", "binary_name": "extract" }, { "binary_version": "1:1.3-4+deb9u3build0.16.04.1", "binary_name": "extract-dbgsym" }, { "binary_version": "1:1.3-4+deb9u3build0.16.04.1", "binary_name": "libextractor-dbg" }, { "binary_version": "1:1.3-4+deb9u3build0.16.04.1", "binary_name": "libextractor-dev" }, { "binary_version": "1:1.3-4+deb9u3build0.16.04.1", "binary_name": "libextractor-dev-dbgsym" }, { "binary_version": "1:1.3-4+deb9u3build0.16.04.1", "binary_name": "libextractor3" }, { "binary_version": "1:1.3-4+deb9u3build0.16.04.1", "binary_name": "libextractor3-dbgsym" } ], "ubuntu_priority": "medium", "availability": "No subscription required" }
{ "binaries": [ { "binary_version": "1:1.9-2", "binary_name": "extract" }, { "binary_version": "1:1.9-2", "binary_name": "extract-dbgsym" }, { "binary_version": "1:1.9-2", "binary_name": "libextractor-dev" }, { "binary_version": "1:1.9-2", "binary_name": "libextractor3" }, { "binary_version": "1:1.9-2", "binary_name": "libextractor3-dbgsym" } ], "ubuntu_priority": "medium", "availability": "No subscription required" }