Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-5309

Опубликовано: 09 янв. 2018
Источник: debian

Описание

In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libpodofofixed0.9.6+dfsg-3package
libpodofono-dsastretchpackage
libpodofono-dsajessiepackage
libpodofono-dsawheezypackage

Примечания

  • https://sourceforge.net/p/podofo/tickets/5/

  • https://bugzilla.redhat.com/show_bug.cgi?id=1532381

  • upstream commit: https://sourceforge.net/p/podofo/code/1907

Связанные уязвимости

ubuntu логотип

CVE-2018-5309

CVSS3: 5.5
ubuntu
около 8 лет назад

In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

nvd логотип

CVE-2018-5309

CVSS3: 5.5
nvd
около 8 лет назад

In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

github логотип

GHSA-493w-wpw3-cqhw

CVSS3: 5.5
github
больше 3 лет назад

In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

suse-cvrf логотип

SUSE-SU-2024:3550-1

suse-cvrf
больше 1 года назад

Security update for podofo

suse-cvrf логотип

SUSE-SU-2019:0393-1

suse-cvrf
почти 7 лет назад

Security update for podofo