Lucene search

[email protected]CVE-2013-4978

HistoryFeb 05, 2014 - 3:10 p.m.

CVE-2013-4978

2014-02-0515:10:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-4978

aloahapdfviewer

buffer overflow

remote code execution

pdf

vulnerability

8.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.22 Low

EPSS

Percentile

96.4%

JSON

Stack-based buffer overflow in AloahaPDFViewer 5.0.0.7 and earlier in Aloaha PDF Suite FREE allows remote attackers to execute arbitrary code via a crafted PDF file.

CPENameOperatorVersion
aloaha:aloaha_pdf_suite_freealoaha aloaha pdf suite freeeq-
aloaha:aloahapdfvieweraloaha aloahapdfviewerle5.0.0.7

CPE	Name	Operator	Version
aloaha:aloaha_pdf_suite_free	aloaha aloaha pdf suite free	eq	-
aloaha:aloahapdfviewer	aloaha aloahapdfviewer	le	5.0.0.7

References

archives.neohapsis.com/archives/bugtraq/2013-08/0179.html

secunia.com/advisories/54585

www.coresecurity.com/advisories/aloaha-pdf-suite-buffer-overflow-vulnerability

www.securityfocus.com/bid/62036

8.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.22 Low

EPSS

Percentile

96.4%

JSON

Related for CVE-2013-4978

securityvulns2 prion1 openvas1 coresecurity1 cvelist1