CVE-2007-6561 – PDFlib 7.0.2 - Multiple Remote Buffer Overflow Vulnerabilities

https://notcve.org/view.php?id=CVE-2007-6561

Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDF_load_image function that results in an overflow in the pdc_fsearch_fopen function, and possibly other vectors. Múltiples desbordamientos de búfer basado en pila en PDFLib permiten a atacantes remotos con la intervención del usuario ejecutar código de su elección mediante un argumento filename (nombre de archivo) largo para la función PDF_load_image que resulta en un desbordamiento en la función pdc_fsearch_fopen, y posiblemente otros vectores. • https://www.exploit-db.com/exploits/30928 http://osvdb.org/40275 http://secunia.com/advisories/28239 http://secunia.com/advisories/29304 http://security.gentoo.org/glsa/glsa-200803-17.xml http://securityreason.com/securityalert/3495 http://www.securityfocus.com/archive/1/485479/100/0/threaded http://www.securityfocus.com/bid/27001 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •