CVE-2012-4895Improper Restriction of Operations within the Bounds of a Memory Buffer in Sumatrapdf

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents3 sources
Severity
9.3CRITICALNVD
EPSS
8.5%
top 7.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sumatrapdfreader Sumatrapdf
Timeline
PublishedOct 5
Latest updateMay 13

Description

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4896.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

4
GHSA
GHSA-q9xm-6wgc-cfhr: Heap-based buffer overflow in SumatraPDF before 22022-05-13
GHSA
GHSA-678j-gm52-3vq4: Heap-based buffer overflow in SumatraPDF before 22022-05-13
CVEList
CVE-2012-4896: Heap-based buffer overflow in SumatraPDF before 22012-10-05
CVEList
CVE-2012-4895: Heap-based buffer overflow in SumatraPDF before 22012-10-05
CVE-2012-4895 — Sumatrapdf vulnerability | cvebase