CyberSec.Space Logo
返回 CVE 浏览器

CVE-2012-4896

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1460%
EPSS Percentile37.11th
Published2012年10月5日
Last Modified2026年4月29日

Vulnerability Description

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4895.

Affected Platforms (CPE)

📦
Sumatrapdfreader

Sumatrapdf

<= 2.0.1
📦
Sumatrapdfreader

Sumatrapdf

= 0.1
📦
Sumatrapdfreader

Sumatrapdf

= 0.2
📦
Sumatrapdfreader

Sumatrapdf

= 0.3
📦
Sumatrapdfreader

Sumatrapdf

= 0.4
📦
Sumatrapdfreader

Sumatrapdf

= 0.5
📦
Sumatrapdfreader

Sumatrapdf

= 0.6
📦
Sumatrapdfreader

Sumatrapdf

= 0.7
📦
Sumatrapdfreader

Sumatrapdf

= 0.8
📦
Sumatrapdfreader

Sumatrapdf

= 0.8.1
📦
Sumatrapdfreader

Sumatrapdf

= 0.9
📦
Sumatrapdfreader

Sumatrapdf

= 0.9.1
📦
Sumatrapdfreader

Sumatrapdf

= 0.9.2
📦
Sumatrapdfreader

Sumatrapdf

= 0.9.3
📦
Sumatrapdfreader

Sumatrapdf

= 0.9.4
📦
Sumatrapdfreader

Sumatrapdf

= 1.0
📦
Sumatrapdfreader

Sumatrapdf

= 1.0.1
📦
Sumatrapdfreader

Sumatrapdf

= 1.1
📦
Sumatrapdfreader

Sumatrapdf

= 1.2
📦
Sumatrapdfreader

Sumatrapdf

= 1.3
📦
Sumatrapdfreader

Sumatrapdf

= 1.4
📦
Sumatrapdfreader

Sumatrapdf

= 1.5
📦
Sumatrapdfreader

Sumatrapdf

= 1.5.1
📦
Sumatrapdfreader

Sumatrapdf

= 1.6
📦
Sumatrapdfreader

Sumatrapdf

= 1.7
📦
Sumatrapdfreader

Sumatrapdf

= 1.8
📦
Sumatrapdfreader

Sumatrapdf

= 1.9
📦
Sumatrapdfreader

Sumatrapdf

= 2.0

References & Advisories

🔗 http://code.google.com/p/sumatrapdf/source/browse/trunk/docs/releasenotes.txt
🔗 http://secunia.com/advisories/50656
🔗 http://technet.microsoft.com/security/msvr/msvr12-014
🔗 http://code.google.com/p/sumatrapdf/source/browse/trunk/docs/releasenotes.txt
🔗 http://secunia.com/advisories/50656
🔗 http://technet.microsoft.com/security/msvr/msvr12-014

相关漏洞威胁

CVE-2009-41179.3

Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before commit 20091125231942, as used in SumatraPDF before 1.0.1, a...

CVE-2012-48959.3

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, ...

CVE-2012-53407.8

SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF fil...

CVE-2013-28307.8

Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 allows remote attackers to execute arbitrary code via a crafted...