CyberSec.Space Logo
Back to CVE Browser

CVE-2012-5340

HIGH
7.8
CVSS Severity Score
EPSS Score0.1330%
EPSS Percentile23.78th
PublishedJan 23, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.

Affected Platforms (CPE)

πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 2.1.1
πŸ“¦
Artifex

Mupdf

= 1.0
πŸ“¦
Artifex

Mupdf

= 1.1

References & Advisories

πŸ”— http://www.exploit-db.com/exploits/23246
πŸ”— https://bugs.ghostscript.com/show_bug.cgi?id=693371
πŸ”— https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f919270b6a732ff45c3ba2d0c105e2b39e9c9bc9
πŸ”— http://www.exploit-db.com/exploits/23246

Related Vulnerabilities

CVE-2009-41179.3

Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before commit 20091125231942, as used in SumatraPDF before 1.0.1, a...

CVE-2012-48959.3

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, ...

CVE-2012-48969.3

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, ...

CVE-2013-28307.8

Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 allows remote attackers to execute arbitrary code via a crafted...

CVE-2012-5340 Detail & Impact Analysis | CVSS 7.8 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space