CVE-2019-5041

Vulnerability

A stack-based buffer overflow vulnerability exists in the EnumMetaInfo function of Aspose.Words for C++ library, version 18.11.0.0. The vulnerability occurs when processing a specially crafted DOC file, leading to a buffer overflow on the stack. The library is used for document processing by various organizations [1].

Exploitation

An attacker can exploit this vulnerability by providing a malformed DOC file to the victim. The victim must open the file using an application that utilizes the vulnerable Aspose.Words library. No authentication or special network position is required; the attack can be delivered remotely, e.g., via email or download. Upon opening the file, the vulnerable code path is triggered, causing the stack-based buffer overflow [1].

Impact

Successful exploitation results in remote code execution in the context of the application using the library. This can lead to full compromise of confidentiality, integrity, and availability of the affected system. The CVSSv3 score is 9.8 (Critical) [1].

Mitigation

As of the publication date of the Talos advisory (August 21, 2019), no fix was available [1]. Users should monitor for updates from Aspose and apply patches when released. In the absence of a patch, avoid opening untrusted DOC files with applications using the vulnerable version of the library.