CVE-2017-8053

Опубликовано: 22 апр. 2017

Источник: debian

Описание

PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libpodofo	fixed	0.9.6+dfsg-3		package
libpodofo	no-dsa		stretch	package
libpodofo	no-dsa		jessie	package
libpodofo	no-dsa		wheezy	package

Примечания

http://openwall.com/lists/oss-security/2017/04/22/1
https://sourceforge.net/p/podofo/tickets/7/
upstream commit: https://sourceforge.net/p/podofo/code/1834
upstream commit: https://sourceforge.net/p/podofo/code/1924

Связанные уязвимости

CVE-2017-8053

CVSS3: 5.5

ubuntu

почти 9 лет назад

PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).

CVE-2017-8053

CVSS3: 5.5

nvd

почти 9 лет назад

PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).

GHSA-p7r7-9m7f-qm95

CVSS3: 5.5

github

больше 3 лет назад

PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).