Lucene search
Andrea Micalizzi aka rgodZDI-13-274HistoryDec 15, 2013 - 12:00 a.m.
IBM Forms Viewer 'fontname' Stack Buffer Overflow Remote Code Execution Vulnerability
2013-12-1500:00:00
Andrea Micalizzi aka rgod
www.zerodayinitiative.com
17
0.959 High
EPSS
Percentile
99.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Forms Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within a document handler of an XFDL document. The parsing of the βfontnameβ tag with a large value can lead to a stack buffer overflow. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.
Related
zdt
zdt
IBM Forms Viewer Unicode Buffer Overflow
2014-01-04 00:00:00
seebug
seebug
IBM Forms Viewerζ ηΌε²εΊζΊ’εΊζΌζ΄
2013-12-12 00:00:00
prion
prion
Stack overflow
2013-12-10 06:14:00
ibm
ibm
nessus
nessus
IBM Forms Viewer Stack Buffer Overflow
2014-01-19 00:00:00
cve
cve
CVE-2013-5447
2013-12-10 06:14:55
packetstorm
packetstorm
IBM Forms Viewer Unicode Buffer Overflow
2014-01-03 00:00:00
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2013-5447
2013-12-10 06:14:55
cvelist
cvelist
CVE-2013-5447
2013-12-10 02:00:00