Описание
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 0.9.8+dfsg-3.2 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | released | 0.9.5-9ubuntu0.1~esm1 |
| esm-apps/focal | released | 0.9.6+dfsg-5ubuntu0.1~esm1 |
| esm-apps/jammy | released | 0.9.7+dfsg-3ubuntu0.1~esm1 |
| esm-apps/noble | not-affected | 0.9.8+dfsg-3.1build3 |
Показывать по
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfPar ...
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
Уязвимость функции PdfParserObject::ParseFileComplete() компонента PdfParserObject.cpp программной библиотеки для работы с PDF PoDoFo, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации и вызвать отказ в обслуживании
6.8 Medium
CVSS2
8.8 High
CVSS3