podofo CVE-2017-5853 Integer Overflow Vulnerability

podofo is prone to an integer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.

podofo 0.9.4 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus