CyberSec.Space Logo
Back to CVE Browser

CVE-2012-4895

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0250%
EPSS Percentile0.13th
PublishedOct 5, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4896.

Affected Platforms (CPE)

πŸ“¦
Sumatrapdfreader

Sumatrapdf

<= 2.0.1
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.1
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.2
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.3
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.4
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.5
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.6
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.7
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.8
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.8.1
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.9
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.9.1
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.9.2
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.9.3
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 0.9.4
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.0
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.0.1
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.1
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.2
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.3
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.4
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.5
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.5.1
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.6
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.7
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.8
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 1.9
πŸ“¦
Sumatrapdfreader

Sumatrapdf

= 2.0

References & Advisories

πŸ”— http://code.google.com/p/sumatrapdf/source/browse/trunk/docs/releasenotes.txt
πŸ”— http://secunia.com/advisories/50656
πŸ”— http://technet.microsoft.com/security/msvr/msvr12-014
πŸ”— http://code.google.com/p/sumatrapdf/source/browse/trunk/docs/releasenotes.txt
πŸ”— http://secunia.com/advisories/50656
πŸ”— http://technet.microsoft.com/security/msvr/msvr12-014

Related Vulnerabilities

CVE-2009-41179.3

Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before commit 20091125231942, as used in SumatraPDF before 1.0.1, a...

CVE-2012-48969.3

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, ...

CVE-2012-53407.8

SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF fil...

CVE-2013-28307.8

Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 allows remote attackers to execute arbitrary code via a crafted...