Computer Security
[EN] securityvulns.ru no-pyccku


htmldoc buffer overflow
Published:14.09.2009
Source:
SecurityVulns ID:10236
Type:remote
Threat Level:
5/10
Description:Buffer overflow on oversized MEDIA SIZE comment.
Affected:HTMLDOC : htmldoc 1.8
CVE:CVE-2009-3050 (Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege boundaries.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:231 ] htmldoc (14.09.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod