7 results (0.003 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file. • https://github.com/CDACesec/CVE-2023-33802 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 allows remote attackers to execute arbitrary code via a crafted PDF file. Vulnerabilidad de uso de memoria previamente liberada en las versiones 2.x de SumatraPDF Reader anteriores a la 2.2.1 permiten que atacantes remotos ejecuten código arbitrario mediante un archivo PDF manipulado. • https://docs.microsoft.com/en-us/security-updates/vulnerabilityresearchadvisories/2013/msvr13-005 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2

SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file. SumatraPDF versión 2.1.1 y MuPDF versión 1.0, permite a atacantes remotos causar un desbordamiento de enteros en la función lex_number() por medio de un archivo PDF corrupto. • https://www.exploit-db.com/exploits/23246 http://www.exploit-db.com/exploits/23246 https://bugs.ghostscript.com/show_bug.cgi?id=693371 https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f919270b6a732ff45c3ba2d0c105e2b39e9c9bc9 • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.3EPSS: 4%CPEs: 28EXPL: 0

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4896. Desbordamiento de búfer basado en memoria dinámica en SumatraPDF antes de v2.1 permite a atacantes remotos ejecutar código arbitrario a través de un documento PDF modificado, una vulnerabilidad diferente a CVE-2012-4896. • http://code.google.com/p/sumatrapdf/source/browse/trunk/docs/releasenotes.txt http://secunia.com/advisories/50656 http://technet.microsoft.com/security/msvr/msvr12-014 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 4%CPEs: 28EXPL: 0

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4895. Desbordamiento de búfer basado en memoria dinámica en SumatraPDF antes de v2.1 permite a atacantes remotos ejecutar código arbitrario a través de un documento PDF modificado, una vulnerabilidad diferente a CVE-2012-4895. • http://code.google.com/p/sumatrapdf/source/browse/trunk/docs/releasenotes.txt http://secunia.com/advisories/50656 http://technet.microsoft.com/security/msvr/msvr12-014 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •