Описание
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
Ссылки
- Issue TrackingThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfPar ...
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
Уязвимость функции PdfParserObject::ParseFileComplete() компонента PdfParserObject.cpp программной библиотеки для работы с PDF PoDoFo, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации и вызвать отказ в обслуживании
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2