Описание
A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on OSX; 9.2.0 on Linux; 9.2.0 on Windows.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:pdftron:pdftron:9.2.0:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.00246
Низкий
6.5 Medium
CVSS3
7.8 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-416
Связанные уязвимости
CVSS3: 7.8
github
почти 4 года назад
A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on OSX; 9.2.0 on Linux; 9.2.0 on Windows.
EPSS
Процентиль: 48%
0.00246
Низкий
6.5 Medium
CVSS3
7.8 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-416