PT-2008-1478 · Activepdf · Activepdf Server
Publicado
2008-02-28
·
Atualizado
2008-09-05
·
CVE-2007-5397
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
activePDF Server versions 3.8.4 through 3.8.5.14
activePDF Server versions prior to 3.8.6.16
Description
The issue is a heap-based buffer overflow in the activePDF Server service, allowing remote attackers to execute arbitrary code. This can be achieved by sending a packet with a size field that is less than the actual size of the data.
Recommendations
For activePDF Server versions 3.8.4 through 3.8.5.14, update to version 3.8.6.16 or later.
For activePDF Server versions prior to 3.8.6.16, update to version 3.8.6.16 or later.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Activepdf Server