CVE-2017-8054

MEDIUM(4.3)

AV:N/AC:M/Au:N/C:N/I:N/A:P

Risk Signal Score11/100 — NIEDRIG

CVSS 4.3 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

4.3

Technische Schwere

Beschreibung

The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.

Referenzen

http://qwertwwwe.github.io/2017/04/22/PoDoFo-0-9-5-allows-remote-attackers-to-ca...
http://qwertwwwe.github.io/2017/04/22/PoDoFo-0-9-5-allows-remote-attackers-to-ca...