Poppler 0.14.3 - '/utils/pdfseparate.cc' Local Format String
| EKU-ID: 43192 | CVE: CVE-2013-4474;OSVDB-99066 | OSVDB-ID: |
| Author: Daniel Kahn Gillmor | Published: 2013-10-26 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 43192 | CVE: CVE-2013-4474;OSVDB-99066 | OSVDB-ID: |
| Author: Daniel Kahn Gillmor | Published: 2013-10-26 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/63374/info Poppler is prone to a local format-string vulnerability because it fails to sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition. Versions prior to Poppler 0.24.3 are vulnerable. ./pdfseparate -f 1 -l 1 aPdfFile.pdf "%x%x%x%x%x%x%n"