Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:2965
HistoryMar 01, 2008 - 12:00 a.m.

activePDF服务器报文处理远程堆溢出漏洞

2008-03-0100:00:00
Root
www.seebug.org
22

0.025 Low

EPSS

Percentile

90.2%

JSON

BUGTRAQ ID: 28013
CVE(CAN) ID: CVE-2007-5397

activePDF服务器用于为企业或Web应用提供集成的PDF生成和动态PDF转换功能。

activePDF Server服务(APServer.exe)在处理畸形客户端数据时存在堆溢出漏洞,远程攻击者可能利用此漏洞控制服务器。

如果用户连接到了该服务(默认端口53535/TCP)并在发送的报文中指定的大小小于之后数据的实际大小的话,就可能触发这个溢出,导致执行任意指令。

activePDF activePDF 3.8.5.14
activePDF activePDF 3.8.4
厂商补丁:

activePDF

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://www.activepdf.com/products/serverproducts/server/index.cfm” target=“_blank”>http://www.activepdf.com/products/serverproducts/server/index.cfm</a>

Related

cvelist 1
nessus 2
prion 1
nvd 1
cve 1
cvelist
cvelist
CVE-2007-5397
2022-10-03 16:14:33
nessus
nessus
activePDF Server < 3.8.6 Packet Handling Remote Overflow (credentialed check)
2008-03-05 00:00:00
activePDF Server < 3.8.6 Packet Handling Remote Overflow
2008-03-05 00:00:00
prion
prion
Heap overflow
2008-02-28 20:44:00
nvd
nvd
CVE-2007-5397
2008-02-28 20:44:00
cve
cve
CVE-2007-5397
2022-10-03 16:14:33

0.025 Low

EPSS

Percentile

90.2%

JSON
Related for SSV:2965
cvelist1nessus2prion1nvd1cve1