http://bugzilla.opensuse.org/show_bug.cgi?id=1037000 Bug ID: 1037000 Summary: VUL-1: CVE-2017-8378: podofo: denial of service (application crash) vectors related to m_offsets.size (PdfParser::ReadObjects func in base/PdfParser.cpp) Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: mikhail.kasimov@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Ref: https://nvd.nist.gov/vuln/detail/CVE-2017-8378 =================================================== Description Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size. Source: MITRE Last Modified: 04/30/2017 =================================================== Hyperlink [1] https://github.com/xiangxiaobo/poc_and_report/tree/master/podofo_heapoverflo... -- You are receiving this mail because: You are on the CC list for the bug.