oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: podofo: heap-based buffer overflow in PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)

From: <cve-assign () mitre org>
Date: Sat, 4 Feb 2017 21:37:33 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


https://blogs.gentoo.org/ago/2017/02/03/podofo-heap-based-buffer-overflow-in-podofopdftokenizergetnexttoken-pdftokenizer-cpp

AddressSanitizer: heap-buffer-overflow ... WRITE of size 1
PoDoFo::PdfTokenizer::GetNextToken
podofo-0.9.4/src/base/PdfTokenizer.cpp:319:35


Use CVE-2017-5886.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYlo4QAAoJEHb/MwWLVhi2T54P/3G4AZvxhRQ/saMpglz/74oO
pJJlK/9Jyz2XS6dVOtl9TvZEKeoBDMBRVLSn/pmmd0+4Xc6xJH6jHOFJ7aj3uBYa
zsezTQ//REBWTqGj4KzVv5rDnWzHgjxQOVXKlgpE7Hjk33Qj0MpBFOMLohhcJvRb
hQDDVX5ESBPd8QqId3LeH7Shvuwmc2BdzmnmPIKIQhyhX0Bko15cv6HNkMi3Glwm
iNKyLBYfAG6SqxL79+R6nA1Lwwuiggei1o+D0KCJnbNyseSmN5+3/BwEYV1NCKk+
gOBVFQzQZCNEDhOjm4jniIvayq7Xz9CcdU2UrNw9zz8Wqbo2zpDnOK45/Bc8A0VK
6PT8E+4ZIRHCpawKI6ahLa/2R4JX+0cbgVvBAsXi8ag0hv/GaCB07tpwmNixUGpU
gAGiTdhLkYgaggFxl/Lhy98YJ+nylxda53X+p5oufLKeNDNG++eNoCdK/G4Xe1cs
DDO2NO+bJgVuS1F3LnUkPKICAOB2oX3uyTvNZYf4HyT1siE5xAexW74aPgzgBBAo
XHop6F9+UfPXoirsjYYf7eXg11/nsgWOMaQGMhOiTRtmO1vCtnvPivzQQFddOzAo
dzVyY4vauylo3u3uHvGZ55cdGQlOI3zqCfuxMrTiy/5oeDAUm0gJbY+8JZ8gQa55
WhzHoLiuILdVj/UH9Uo7
=Si1S
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: