Bug ID | 1037000 |
---|---|
Summary | VUL-1: CVE-2017-8378: podofo: denial of service (application crash) vectors related to m_offsets.size (PdfParser::ReadObjects func in base/PdfParser.cpp) |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | Leap 42.2 |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | security-team@suse.de |
Reporter | mikhail.kasimov@gmail.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
Ref: https://nvd.nist.gov/vuln/detail/CVE-2017-8378 =================================================== Description Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size. Source: MITRE Last Modified: 04/30/2017 =================================================== Hyperlink [1] https://github.com/xiangxiaobo/poc_and_report/tree/master/podofo_heapoverflow_PdfParser.ReadObjects