CVE-2017-5854

CVE-2017-5854

EPSS 1.5%

base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-pdfoutputstream-cpp/http://www.openwall.com/lists/oss-security/2017/02/01/14 http://www.openwall.com/lists/oss-security/2017/02/02/12 http://www.securityfocus.com/bid/96072