header-logo
Suggest Exploit
vendor:
Poppler
by:
SecurityFocus
7,5
CVSS
HIGH
Format-String Vulnerability
134
CWE
Product Name: Poppler
Affected Version From: Prior to 0.24.3
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2013

Poppler Local Format-String Vulnerability

Poppler is prone to a local format-string vulnerability because it fails to sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition.

Mitigation:

Upgrade to Poppler 0.24.3 or later
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/63374/info

Poppler is prone to a local format-string vulnerability because it fails to sanitize user-supplied input.

An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition.

Versions prior to Poppler 0.24.3 are vulnerable. 

./pdfseparate -f 1 -l 1 aPdfFile.pdf "%x%x%x%x%x%x%n"

Navigation

Suggest Exploit

Services By CQR