Shodan
Vulnerabilities
Vulnerable Software
Podofo Project:  >> Podofo  >> 0.9.4  Security Vulnerabilities
CVE-2017-6843
Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.005
Published
2017-03-15
CVE-2017-6844
Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.006
Published
2017-03-15
CVE-2017-6845
The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-15
CVE-2017-6846
The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-03-15
CVE-2017-6847
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-03-15
CVE-2017-6849
The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-15
CVE-2017-5854
base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-03-01
CVE-2017-5855
The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-01
CVE-2017-5886
Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-03-01
CVE-2017-5852
The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved