Ace Team

**Name of the Vulnerable Software and Affected Versions** PoDoFo version 0.9.6 **Description** The issue is related to a NULL pointer dereference in the `setSource()` function, which can be triggered by sending a crafted PDF file. This can cause a Denial of Service (Segmentation fault) or possibly have other unspecified impacts. **Recommendations** For PoDoFo version 0.9.6, consider avoiding the use of the `setSource()` function in `PdfTranslator` until a patch is available. As a temporary workaround, restrict the input to the `podofoimpose` binary to prevent crafted PDF files from being processed.

**Name of the Vulnerable Software and Affected Versions** AdvanceCOMP versions prior to 2.1 **Description** An issue was discovered that can cause an invalid memory address to occur in the `adv png unfilter 8` function in `lib/png.c`. This can be triggered by sending a crafted file to a binary, allowing an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file. **Recommendations** For AdvanceCOMP versions prior to 2.1, consider updating to a version that fixes the issue in the `adv png unfilter 8` function. As a temporary workaround, consider restricting the use of the `lib/png.c` module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PoDoFo version 0.9.6 **Description** A NULL pointer dereference issue exists in the function PdfTranslator::setTarget() in pdftranslator.cpp, which occurs when creating the PdfXObject. This can be exploited to cause a Denial of Service. **Recommendations** For PoDoFo version 0.9.6, consider applying a patch or fix that addresses the NULL pointer dereference in the PdfTranslator::setTarget() function to prevent Denial of Service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PoDoFo version 0.9.6 **Description** The issue is related to a NULL pointer dereference in the `crop page` function. This occurs when the `GetObject()` function is called on a `pPage` object that is NULL, specifically when `pPage` has a value of 0x0. The problem arises when a crafted PDF document is processed, potentially leading to a denial of service. The vulnerability can be exploited by a remote attacker using a specially formed file. **Recommendations** For PoDoFo version 0.9.6, consider applying a patch or fix that addresses the NULL pointer dereference issue in the `crop page` function to prevent potential denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libmp4v2 version 2.1.0 **Description** The issue arises from the function `MP4Free()` in `mp4property.cpp`, which internally calls `free()` on an invalid pointer. This results in a SIGABRT signal being raised. **Recommendations** For libmp4v2 version 2.1.0, consider disabling the `MP4Free()` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** AdvanceCOMP versions prior to 2.1 **Description** An issue exists in the function `be uint32 read()` located in `endianrw.h`, which can cause a NULL pointer dereference. This can be triggered by sending a crafted file to a binary, allowing an attacker to cause a Denial of Service or possibly have other unspecified impact when a victim opens a specially crafted file. **Recommendations** For AdvanceCOMP versions prior to 2.1, as a temporary workaround, consider restricting the use of the `be uint32 read()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7a **Description** A buffer underwrite issue in the `get line()` function allows an attacker to write prior to the beginning of the buffer via a crafted .fig file, potentially leading to a denial of service. The vulnerability is related to a buffer operation exceeding its boundaries in memory. **Recommendations** For fig2dev version 3.2.7a, consider avoiding the use of the `get line()` function until a patch is available. As a temporary workaround, restrict the processing of .fig files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.