Aggregates CVE and security vulnerability intelligence across all marklogic-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk buffer overflow, with potential vendor impact application crash and vendor impact memory corruption across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-2795 | An exploitable heap corruption vulnerability exists in the Txo functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigger this vulnerability. | [email protected] | 8.3 | 0.46% | 2018-09-07 | 2024-11-21 |
| CVE-2017-2792 | An exploitable heap corruption vulnerability exists in the iBldDirInfo functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can provide a malicious xls file to trigger this vulnerability. | [email protected] | 8.3 | 0.62% | 2018-09-07 | 2024-11-21 |
| CVE-2016-8384 | An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter. | [email protected] | 8.8 | 0.40% | 2018-04-24 | 2024-11-21 |
| CVE-2016-8383 | An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger this vulnerability. | [email protected] | 8.8 | 0.67% | 2018-04-24 | 2024-11-21 |
| CVE-2016-8382 | An exploitable heap corruption vulnerability exists in the Doc_SetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a malicious doc file to trigger this vulnerability. | [email protected] | 8.3 | 0.67% | 2018-04-24 | 2024-11-21 |
| CVE-2017-2799 | An exploitable heap corruption vulnerability exists in the AddSst functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send or provide a malicious XLS file to trigger this vulnerability. | [email protected] | 8.3 | 0.56% | 2017-05-24 | 2026-05-13 |
| CVE-2017-2798 | An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send or provide a malicious XLS file to trigger this vulnerability. | [email protected] | 8.3 | 0.56% | 2017-05-24 | 2026-05-13 |
| CVE-2017-2797 | An exploitable heap overflow vulnerability exists in the ParseEnvironment functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. | [email protected] | 8.3 | 0.34% | 2017-05-23 | 2026-05-13 |
| CVE-2017-2794 | An exploitable stack-based buffer overflow vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a stack corruption resulting in arbitrary code execution. An attacker can send/provide malicious PPT file to trigger this vulnerability. | [email protected] | 8.3 | 1.02% | 2017-05-23 | 2026-05-13 |
| CVE-2017-2793 | An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigger this vulnerability. | [email protected] | 8.3 | 0.94% | 2017-05-23 | 2026-05-13 |
| CVE-2017-2783 | An exploitable heap corruption vulnerability exists in the FillRowFormat functionality of Antenna House DMC HTMLFilter that is shipped with MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious xls file to trigger this vulnerability. | [email protected] | 8.3 | 0.56% | 2017-05-23 | 2026-05-13 |