CVE-2019-5032/5033/5041: Aspose Remote Code Execution Vulnerability Alert
Recently, the Cisco Talos team released several technical analysis that Aspose.cells and Aspose.words in Aspose products have remote code execution vulnerabilities. Attackers can make a malicious file to exploit related vulnerabilities and remotely execute code after user triggers.
Vulnerability summary
Aspose.Cells Code Execution Vulnerability
CVE-2019-5032
CVSS 3.0 : 9.8
An out-of-bounds read vulnerability exists in the LabelSst record parser in the Aspose.Cells library, which can be triggered by an attacker using a special XLS file, resulting in remote code execution. The user’s action is required to successfully exploit the vulnerability.
CVE-2019-5033
CVSS 3.0 : 9.8
This vulnerability is similar to CVE-2019-5032.
- Affected version
Aspose.Cells 19.1.0
For details, please refer to:
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0794
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0795
Aspose.Words code execution vulnerability
CVE-2019-5041
A stack overflow vulnerability exists in the EnumMetaInfo function of version 18.11.0.0 of the Aspose Aspose.Words library. A specially crafted doc file can cause a stack overflow, which can result in remote code execution. An attacker needs a file tailored to the victim to trigger this vulnerability.
- Affected version:
Aspose.Words 18.11.0.0
For details, please refer to:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0805
Solution
According to the researcher’s instructions, Aspose officials have not responded to the above vulnerabilities, nor have they released relevant patches to fix the above vulnerabilities.