PoDoFo 'UnescapeName()' function heap buffer out-of-bounds read vulnerability
PoDoFo is an open source , written in C++ using the PDF file format library . A heap buffer out-of-bounds read vulnerability exists in the 'UnescapeName' function of the PdfName.cpp file in PoDoFo version 0.9.5. A remote attacker can exploit this vulnerability with the help of a specially crafted...