CVE-2017-8378

HIGH(7.5)

AV:N/AC:L/Au:N/C:P/I:P/A:P

Risk Signal Score19/100 — NIEDRIG

CVSS 7.5 — Hoch

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

7.5

Technische Schwere

Beschreibung

Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size.

Referenzen

https://github.com/xiangxiaobo/poc_and_report/tree/master/podofo_heapoverflow_Pd...
https://github.com/xiangxiaobo/poc_and_report/tree/master/podofo_heapoverflow_Pd...