Lucene search
HistoryDec 02, 2013 - 10:55 p.m.
CVE-2012-6535
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
High
EPSS
0.068
Percentile
94.0%
DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file.
Affected configurations
Node
djvulibre_projectdjvulibreRange≤3.5.25
ORdjvulibre_projectdjvulibreMatch3.5.1
ORdjvulibre_projectdjvulibreMatch3.5.2
ORdjvulibre_projectdjvulibreMatch3.5.3
ORdjvulibre_projectdjvulibreMatch3.5.4
ORdjvulibre_projectdjvulibreMatch3.5.5
ORdjvulibre_projectdjvulibreMatch3.5.6
ORdjvulibre_projectdjvulibreMatch3.5.7
ORdjvulibre_projectdjvulibreMatch3.5.8
ORdjvulibre_projectdjvulibreMatch3.5.9
ORdjvulibre_projectdjvulibreMatch3.5.10
ORdjvulibre_projectdjvulibreMatch3.5.11
ORdjvulibre_projectdjvulibreMatch3.5.12
ORdjvulibre_projectdjvulibreMatch3.5.13
ORdjvulibre_projectdjvulibreMatch3.5.14
ORdjvulibre_projectdjvulibreMatch3.5.15
ORdjvulibre_projectdjvulibreMatch3.5.16
ORdjvulibre_projectdjvulibreMatch3.5.17
ORdjvulibre_projectdjvulibreMatch3.5.18
ORdjvulibre_projectdjvulibreMatch3.5.19
ORdjvulibre_projectdjvulibreMatch3.5.20
ORdjvulibre_projectdjvulibreMatch3.5.21
ORdjvulibre_projectdjvulibreMatch3.5.22
ORdjvulibre_projectdjvulibreMatch3.5.23
ORdjvulibre_projectdjvulibreMatch3.5.24
Related
gentoo
gentoo
DjVu: User-assisted execution of arbitrary code
2014-02-09 00:00:00
openvas
openvas
Debian Security Advisory DSA 2844-1 (djvulibre - arbitrary code execution)
2014-01-15 00:00:00
Ubuntu Update for djvulibre USN-2056-1
2013-12-17 00:00:00
Gentoo Security Advisory GLSA 201402-13
2015-09-29 00:00:00
debiancve
debiancve
CVE-2012-6535
2013-12-02 22:55:03
prion
prion
Memory corruption
2013-12-02 22:55:00
msvr
msvr
Vulnerability in DjVuLibre Could Allow Remote Code Execution
2013-03-19 00:00:00
nessus
nessus
GLSA-201402-13 : DjVu: User-assisted execution of arbitrary code
2014-02-10 00:00:00
Ubuntu 12.04 LTS : djvulibre vulnerability (USN-2056-1)
2013-12-17 00:00:00
Debian DSA-2844-1 : djvulibre - arbitrary code execution
2014-01-16 00:00:00
ubuntucve
ubuntucve
CVE-2012-6535
2013-12-02 00:00:00
securityvulns
securityvulns
djvulibre code execution
2014-01-08 00:00:00
[USN-2056-1] DjVuLibre vulnerability
2014-01-08 00:00:00
debian
debian
[SECURITY] [DSA 2844-1] djvulibre security update
2014-01-15 06:55:18
cvelist
cvelist
CVE-2012-6535
2013-12-02 22:00:00
ubuntu
ubuntu
DjVuLibre vulnerability
2013-12-16 00:00:00
cve
cve
CVE-2012-6535
2013-12-02 22:55:03
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
High
EPSS
0.068
Percentile
94.0%
Related for NVD:CVE-2012-6535