V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2017-5886
DEB
High

Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers t…

CVSS
7.8
High
EPSS
0.02
p74
Published
2017-01-01
Updated
2017-01-01
Description

Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.

Tags · CWE
CWE-119
CAPEC-8
CAPEC-9
CAPEC-10
CAPEC-14
CAPEC-24
CAPEC-42
CAPEC-44
CAPEC-45
CAPEC-46
CAPEC-47
CAPEC-100
CAPEC-123
Affected products
LibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofoLibpodofo
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Timeline
2017-01-01
Published
2017-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: L
Local (L)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: R
Required (R)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.017 · p74
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Debian
Libpodofo
Canonical
Libpodofo
Podofo_project
Podofo
ProductVendorStatus
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
libpodofoTracked
Showing first 20 of 22
Source databases
DEB
CVE
UBU