Good morning,
I would be grateful if you advise me if the Code Execution Exploit bug has been fixed and if so, what version the fix is in?
Thanks
Good morning,
I would be grateful if you advise me if the Code Execution Exploit bug has been fixed and if so, what version the fix is in?
Thanks
Could you please share some more detail about your query along with APIs that you are using? We will then answer your query according to your requirement.
Thank you for your reply, please see below:
We are using WordsAPI
More detail:
CVE-2019-5041
The EnumMetaInfo function in the Aspose Aspose.Words library, version 18.11.0.0, contains an exploitable stack-based buffer overflow vulnerability. A specially crafted .doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger this vulnerability.
Affected version:
Aspose.Words 18.11.0.0
I am attempting to gain knowledge that the affect has been rectified and if so what version is currently without the above bug?
Thanks
I think this covers it (you’re welcome, Aspose):
Thank you for your assistance. This does in fact answer my question.
Much appreciated
Kind regards