CVE-2013-4986

Exploit

EPSS 8.04%
Veröffentlicht 04.10.2013 20:55:03
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Stack-based buffer overflow in PDFAX0722_IconCool.dll 7.22.1125.2121 in IconCool PDFCool Studio 3.32 Build 130330 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Iconcool ≫ Pdfcool Studio Updatebuild130330 Version <= 3.32

Iconcool ≫ Pdfcool Studio Version2.0 Updatebuild110427

Iconcool ≫ Pdfcool Studio Version2.0 Updatebuild110502

Iconcool ≫ Pdfcool Studio Version2.0 Updatebuild110508

Iconcool ≫ Pdfcool Studio Version2.0 Updatebuild110510

Iconcool ≫ Pdfcool Studio Version2.0 Updatebuild110512

Iconcool ≫ Pdfcool Studio Version2.5 Updatebuild120405

Iconcool ≫ Pdfcool Studio Version2.6 Updatebuild120405

Iconcool ≫ Pdfcool Studio Version2.7 Updatebuild120405

Iconcool ≫ Pdfcool Studio Version2.8 Updatebuild120518

Iconcool ≫ Pdfcool Studio Version2.10 Updatebuild110519

Iconcool ≫ Pdfcool Studio Version2.10 Updatebuild110523

Iconcool ≫ Pdfcool Studio Version2.12 Updatebuild110528

Iconcool ≫ Pdfcool Studio Version2.14 Updatebuild110608

Iconcool ≫ Pdfcool Studio Version2.16 Updatebuild110612

Iconcool ≫ Pdfcool Studio Version2.20 Updatebuild110707

Iconcool ≫ Pdfcool Studio Version2.24 Updatebuild1110801

Iconcool ≫ Pdfcool Studio Version2.26 Updatebuild110823

Iconcool ≫ Pdfcool Studio Version2.30 Updatebuild110920

Iconcool ≫ Pdfcool Studio Version2.40 Updatebuild111016

Iconcool ≫ Pdfcool Studio Version3.0 Updatebuild121022

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	8.04%	0.913

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://archives.neohapsis.com/archives/bugtraq/2013-10/0002.html

Exploit

http://osvdb.org/97959

http://packetstormsecurity.com/files/123476

Exploit

http://secunia.com/advisories/55058

Vendor Advisory

http://www.coresecurity.com/advisories/pdfcool-studio-buffer-overflow-vulnerability

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2013-4986

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-4986

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-4986

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2013-4986