Vulnerability CVE-2013-0729


Published: 2014-04-02

Description:
Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a PDF file.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Tracker-software -> Pdf-xchange 

 References:
http://www.securityfocus.com/bid/57491
http://www.tracker-software.com/company/news_press_events/view/123
https://exchange.xforce.ibmcloud.com/vulnerabilities/81427

Copyright 2024, cxsecurity.com

 

Back to Top