Описание
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:glyphandcog:xpdfreader:4.01.01:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.27509
Средний
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-674
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 6 лет назад
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.
CVSS3: 5.5
debian
больше 6 лет назад
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause ...
github
больше 3 лет назад
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.
EPSS
Процентиль: 96%
0.27509
Средний
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-674