Описание
iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. NOTE: Vendor does not view this as a vulnerability and has not found it to be exploitable.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:itextpdf:itext:7.1.17:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00389
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
EPSS
Процентиль: 59%
0.00389
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125