Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:82FBFE2D454FF6A62ED96D617049527A
HistoryMar 11, 2013 - 12:00 a.m.

Cool PDF Reader Image Stream Stack Overflow

2013-03-1100:00:00
SAINT Corporation
my.saintcorporation.com
19

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.914

Percentile

98.9%

JSON

Added: 03/11/2013
CVE: CVE-2012-4914
BID: 57461
OSVDB: 89349

Background

Cool PDF Reader is a small viewer/reader that can view, print, and convert PDF files to TXT, BMP, JPG, GIF, PNG, WMF, EMF, EPS.

Problem

Cool PDF Reader versions 3.0.2.256 and prior do not perform proper bounds checking on image stream objects. An attacker may be able to craft a malicious PDF document that exploits this vulnerability to trigger a stack overflow condition, which may lead to the ability to execute arbitrary code.

Resolution

No update is available at this time.

References

[http://www.protekresearchlab.com/index.php?option=com_content&amp;view=article&amp;id=70&amp;Itemid=70 ](<http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=70&Itemid=70
>)
<http://www.pdf2exe.com/reader.html&gt;

Limitations

This exploit has been tested against CoolPDF Software Cool PDF Reader 3.0.2.256 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

Platforms

Windows

Related

zdt 1
checkpoint_advisories 3
metasploit 1
saint 3
seebug 1
exploitpack 1
prion 1
cvelist 1
cve 1
nvd 1
exploitdb 2
packetstorm 2
zdt
zdt
Cool PDF Image Stream Buffer Overflow Vulnerability
2013-03-20 00:00:00
checkpoint_advisories
checkpoint_advisories
CoolPDF Reader Image Stream Processing Buffer Overflow (CVE-2012-4914)
2013-06-30 00:00:00
CoolPDF Reader Image Stream Processing Buffer Overflow - ver 2 (CVE-2012-4914)
2014-09-02 00:00:00
CoolPDF Reader Image Stream Processing Buffer Overflow - Ver2 (CVE-2012-4914)
2015-05-18 00:00:00
metasploit
metasploit
Cool PDF Image Stream Buffer Overflow
2013-03-17 20:12:40
saint
saint
Cool PDF Reader Image Stream Stack Overflow
2013-03-11 00:00:00
Cool PDF Reader Image Stream Stack Overflow
2013-03-11 00:00:00
Cool PDF Reader Image Stream Stack Overflow
2013-03-11 00:00:00
seebug
seebug
Cool PDF Reader 3.0.2.256 Buffer Overflow
2014-07-01 00:00:00
exploitpack
exploitpack
Cool PDF Reader 3.0.2.256 - Buffer Overflow
2013-02-07 00:00:00
prion
prion
Stack overflow
2013-01-26 23:55:00
cvelist
cvelist
CVE-2012-4914
2013-01-26 23:00:00
cve
cve
CVE-2012-4914
2013-01-26 23:55:01
nvd
nvd
CVE-2012-4914
2013-01-26 23:55:01
exploitdb
exploitdb
Cool PDF Reader 3.0.2.256 - Buffer Overflow
2013-02-07 00:00:00
Cool PDF Image Stream - Remote Buffer Overflow (Metasploit)
2013-03-22 00:00:00
packetstorm
packetstorm
Cool PDF Reader 3.0.2.256 Buffer Overflow
2013-02-08 00:00:00
Cool PDF Image Stream Buffer Overflow
2013-03-20 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.914

Percentile

98.9%

JSON
Related for SAINT:82FBFE2D454FF6A62ED96D617049527A
zdt1checkpoint_advisories3metasploit1saint3seebug1exploitpack1prion1cvelist1cve1nvd1exploitdb2packetstorm2