Lucene search

MitreCVE-2012-4895

HistoryOct 05, 2012 - 10:51 a.m.

CVE-2012-4895

2012-10-0510:51:16

CWE-119

mitre

web.nvd.nist.gov

cve-2012-4895

sumatrapdf

buffer overflow

remote code execution

pdf

vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

Low

EPSS

0.04

Percentile

92.1%

JSON

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4896.

Affected configurations

Nvd

Node

sumatrapdfreadersumatrapdfRange≤2.0.1

sumatrapdfreadersumatrapdfMatch0.1

sumatrapdfreadersumatrapdfMatch0.2

sumatrapdfreadersumatrapdfMatch0.3

sumatrapdfreadersumatrapdfMatch0.4

sumatrapdfreadersumatrapdfMatch0.5

sumatrapdfreadersumatrapdfMatch0.6

sumatrapdfreadersumatrapdfMatch0.7

sumatrapdfreadersumatrapdfMatch0.8

sumatrapdfreadersumatrapdfMatch0.8.1

sumatrapdfreadersumatrapdfMatch0.9

sumatrapdfreadersumatrapdfMatch0.9.1

sumatrapdfreadersumatrapdfMatch0.9.2

sumatrapdfreadersumatrapdfMatch0.9.3

sumatrapdfreadersumatrapdfMatch0.9.4

sumatrapdfreadersumatrapdfMatch1.0

sumatrapdfreadersumatrapdfMatch1.0.1

sumatrapdfreadersumatrapdfMatch1.1

sumatrapdfreadersumatrapdfMatch1.2

sumatrapdfreadersumatrapdfMatch1.3

sumatrapdfreadersumatrapdfMatch1.4

sumatrapdfreadersumatrapdfMatch1.5

sumatrapdfreadersumatrapdfMatch1.5.1

sumatrapdfreadersumatrapdfMatch1.6

sumatrapdfreadersumatrapdfMatch1.7

sumatrapdfreadersumatrapdfMatch1.8

sumatrapdfreadersumatrapdfMatch1.9

sumatrapdfreadersumatrapdfMatch2.0

VendorProductVersionCPE
sumatrapdfreadersumatrapdf*cpe:2.3:a:sumatrapdfreader:sumatrapdf:*:*:*:*:*:*:*:*
sumatrapdfreadersumatrapdf0.1cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.1:*:*:*:*:*:*:*
sumatrapdfreadersumatrapdf0.2cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.2:*:*:*:*:*:*:*
sumatrapdfreadersumatrapdf0.3cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.3:*:*:*:*:*:*:*
sumatrapdfreadersumatrapdf0.4cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.4:*:*:*:*:*:*:*
sumatrapdfreadersumatrapdf0.5cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.5:*:*:*:*:*:*:*
sumatrapdfreadersumatrapdf0.6cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.6:*:*:*:*:*:*:*
sumatrapdfreadersumatrapdf0.7cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.7:*:*:*:*:*:*:*
sumatrapdfreadersumatrapdf0.8cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.8:*:*:*:*:*:*:*
sumatrapdfreadersumatrapdf0.8.1cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.8.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sumatrapdfreader	sumatrapdf	*	cpe:2.3:a:sumatrapdfreader:sumatrapdf::::::::
sumatrapdfreader	sumatrapdf	0.1	cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.1:::::::*
sumatrapdfreader	sumatrapdf	0.2	cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.2:::::::*
sumatrapdfreader	sumatrapdf	0.3	cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.3:::::::*
sumatrapdfreader	sumatrapdf	0.4	cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.4:::::::*
sumatrapdfreader	sumatrapdf	0.5	cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.5:::::::*
sumatrapdfreader	sumatrapdf	0.6	cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.6:::::::*
sumatrapdfreader	sumatrapdf	0.7	cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.7:::::::*
sumatrapdfreader	sumatrapdf	0.8	cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.8:::::::*
sumatrapdfreader	sumatrapdf	0.8.1	cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.8.1:::::::*

Rows per page:

1-10 of 281

References

code.google.com/p/sumatrapdf/source/browse/trunk/docs/releasenotes.txt

secunia.com/advisories/50656

technet.microsoft.com/security/msvr/msvr12-014

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

Low

EPSS

0.04

Percentile

92.1%

JSON

Related for CVE-2012-4895