source: http://www.securityfocus.com/bid/63374/info Poppler is prone to a local format-string vulnerability because it fails to sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition. Versions prior to Poppler 0.24.3 are vulnerable. ./pdfseparate -f 1 -l 1 aPdfFile.pdf "%x%x%x%x%x%x%n"
Related ExploitsTrying to match CVEs (1): CVE-2013-4474
Trying to match OSVDBs (1): 99066
Other Possible E-DB Search Terms: Poppler 0.14.3, Poppler
|2008-07-08||6032||Poppler 0.8.4 - libpoppler Uninitialized pointer Code Execution (PoC)||Felipe Andres Manzano|
|2009-02-12||32800||Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities||Romario|