Lucene search

PRIOn knowledge basePRION:CVE-2009-3050

HistorySep 02, 2009 - 5:30 p.m.

Buffer overflow

2009-09-0217:30:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

74.1%

JSON

Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege boundaries.

CPENameOperatorVersion
htmldoceq1.8.26
htmldocle1.8.27
htmldoceq1.8.24
htmldoceq1.8.25

Name	Operator	Version
htmldoc	eq	1.8.26
htmldoc	le	1.8.27
htmldoc	eq	1.8.24
htmldoc	eq	1.8.25

References

bugs.gentoo.org/show_bug.cgi?id=278186

packetstormsecurity.org/0907-exploits/htmldoc-overflow.txt

secunia.com/advisories/35780

www.htmldoc.org/str.php?L214

www.openwall.com/lists/oss-security/2009/07/25/3

www.openwall.com/lists/oss-security/2009/07/26/2

www.openwall.com/lists/oss-security/2009/09/01/1

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

74.1%

JSON

Related for PRION:CVE-2009-3050