CVE-2024-46478

9.8 CRITICAL

📋 TL;DR

CVE-2024-46478 is a critical buffer overflow vulnerability in HTMLDOC v1.9.18 that allows remote attackers to execute arbitrary code or cause denial of service. The vulnerability affects systems running HTMLDOC to process untrusted HTML input, particularly web applications or document conversion services using this library.

💻 Affected Systems

Products:
  • HTMLDOC
Versions: v1.9.18 and earlier
Operating Systems: Linux, Windows, macOS, BSD
Default Config Vulnerable: ⚠️ Yes
Notes: Any system using HTMLDOC to process untrusted HTML/PDF files is vulnerable. The vulnerability is in the parse_pre function in ps-pdf.cxx.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution with full system compromise, allowing attackers to install malware, exfiltrate data, or pivot to other systems.

🟠 Likely Case

Denial of service through application crashes, with potential for limited code execution depending on memory layout and exploit sophistication.

🟢 If Mitigated

Application crashes without code execution if exploit attempts fail or memory protections are effective.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Buffer overflow vulnerabilities in parsing functions are often easy to exploit. The CWE-120 classification (Buffer Copy without Checking Size of Input) indicates a classic unbounded copy into a fixed-size buffer.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 683bec548e642cf4a17e003fb34f6bbaf2d27b98

Vendor Advisory: https://github.com/michaelrsweet/htmldoc/issues/529

Restart Required: Yes

Instructions:

1. Update HTMLDOC to the latest version from GitHub.
2. Recompile if building from source.
3. Restart any services using HTMLDOC.

🔧 Temporary Workarounds

Input Validation

Platform: all

Implement strict input validation for HTML content before passing it to HTMLDOC.

Process Isolation

Platform: linux

Run HTMLDOC in a sandboxed or containerized environment with limited privileges:

docker run --read-only --cap-drop=ALL -v /tmp:/tmp:ro htmldoc

🧯 If You Can't Patch

  • Disable HTMLDOC processing of untrusted content entirely
  • Implement network segmentation to isolate systems running vulnerable HTMLDOC versions

🔍 How to Verify

Check if Vulnerable:

Check the HTMLDOC version with htmldoc --version. If the version is 1.9.18 or earlier, the system is vulnerable.

Check Version:

htmldoc --version

Verify Fix Applied:

Verify that the installed version is newer than 1.9.18 and that commit 683bec548e642cf4a17e003fb34f6bbaf2d27b98 is included in the build.
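The two checks above, as an added POSIX shell helper (example code written for this page, not from the advisory or the HTMLDOC project): it parses a version string such as the one printed by htmldoc --version, compares it numerically against 1.9.18, and, for a git checkout of the source, asks git whether the fixing commit is an ancestor of HEAD. It assumes htmldoc --version prints a dotted version like "1.9.18" on its first line.

```shell
#!/bin/sh
# Added example, not part of the advisory. Classifies an HTMLDOC version
# string against the affected range (1.9.18 and earlier) and checks a
# source checkout for the fixing commit.

FIX_COMMIT=683bec548e642cf4a17e003fb34f6bbaf2d27b98   # from the advisory
LAST_AFFECTED=1.9.18

# vercmp A B: prints -1, 0 or 1 for A<B, A=B, A>B (dotted numeric versions).
# Missing components count as 0, so "1.9" sorts below "1.9.18".
vercmp() {
    a="$1."; b="$2."
    while [ -n "$a" ] || [ -n "$b" ]; do
        x="${a%%.*}"; a="${a#*.}"
        y="${b%%.*}"; b="${b#*.}"
        x="${x:-0}"; y="${y:-0}"
        if [ "$x" -lt "$y" ]; then echo -1; return; fi
        if [ "$x" -gt "$y" ]; then echo 1; return; fi
    done
    echo 0
}

# htmldoc_version_affected STRING: exit 0 if the version is 1.9.18 or
# earlier, 1 if it is newer, 2 if no version can be parsed from STRING.
htmldoc_version_affected() {
    v=$(printf '%s\n' "$1" | sed -n 's/^[^0-9]*\([0-9][0-9.]*\).*/\1/p')
    [ -n "$v" ] || return 2
    [ "$(vercmp "$v" "$LAST_AFFECTED")" -le 0 ]
}

# check_installed_htmldoc: inspect the binary in PATH (exit 0 = affected).
check_installed_htmldoc() {
    command -v htmldoc >/dev/null 2>&1 || { echo "htmldoc not installed"; return 1; }
    ver=$(htmldoc --version 2>/dev/null | head -n 1)
    if htmldoc_version_affected "$ver"; then
        echo "htmldoc $ver: AFFECTED (<= $LAST_AFFECTED), update required"
        return 0
    fi
    echo "htmldoc $ver: not in affected range"
    return 1
}

# source_tree_has_fix DIR: exit 0 if the fixing commit is an ancestor of
# HEAD in a git clone of HTMLDOC at DIR (i.e. the fix is in the build).
source_tree_has_fix() {
    git -C "$1" merge-base --is-ancestor "$FIX_COMMIT" HEAD
}
```

A version string from a distribution package (e.g. "1.9.18-2") is reduced to its leading dotted-numeric part before comparison, so backported fixes carried under an old version number will still be reported as affected and need the commit check instead.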

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault or crash logs from HTMLDOC process
  • Unusual memory access patterns in system logs

Network Indicators:

  • Unexpected network connections from HTMLDOC process
  • Large or malformed HTML/PDF uploads to conversion services

SIEM Query:

process_name:"htmldoc" AND (event_type:"crash" OR memory_violation:"true")

🔗 References
