Submit #117088: podofo-0.10.0 was discovered to contain a heap-buffer-overflow via the function readXRefStreamEntry at podofo-0.10.0/src/podofo/main/PdfXRefStreamParserObject.cppinfo

Titlepodofo-0.10.0 was discovered to contain a heap-buffer-overflow via the function readXRefStreamEntry at podofo-0.10.0/src/podofo/main/PdfXRefStreamParserObject.cpp
DescriptionThere exists heap-buffer-overflow at podofo-0.10.0/src/podofo/main/PdfXRefStreamParserObject.cpp:180:75 in readXRefStreamEntry. This flaw can be exploited to perform attacks such as code execution, denial of service, and privilege escalation. I have contacted the developer of podofo,and now the flaw was confirmed and fixed.The detail is in https://github.com/podofo/podofo/issues/69.
Source⚠️ https://github.com/podofo/podofo/issues/69
User
 DaisyPo (UID 45463)
Submission04/21/2023 18:34 (3 years ago)
Moderation04/22/2023 17:42 (23 hours later)
StatusAccepted
VulDB entry227226 [PoDoFo 0.10.0 PdfXRefStreamParserObject.cpp readXRefStreamEntry heap-based overflow]
Points19

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!