CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-7994

The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.8%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

http://www.securityfocus.com/bid/97980
https://github.com/icepng/PoC/tree/master/PoC1
https://icepng.github.io/2017/04/21/PoDoFo-1/
http://www.securityfocus.com/bid/97980
https://github.com/icepng/PoC/tree/master/PoC1
https://icepng.github.io/2017/04/21/PoDoFo-1/

Products affected by CVE-2017-7994

Podofo Project » Podofo » Version: 0.9.5

cpe:2.3:a:podofo_project:podofo:0.9.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7994

Products

Pricing

Contact Us