PT-2013-5545 · Ibm · Ibm Forms Viewer

Andrea Micalizzi

+1

·

Publicado

2013-12-10

·

Atualizado

2017-08-29

·

CVE-2013-5447

CVSS v2.0

6.8

Média

VetorAV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions IBM Forms Viewer versions 4.x before 4.0.0.3 IBM Forms Viewer versions 8.x before 8.0.1.1
Description The issue is a stack-based buffer overflow that allows remote attackers to execute arbitrary code. This is achieved via an XFDL form with a long fontname value.
Recommendations For versions 4.x before 4.0.0.3, update to version 4.0.0.3 or later. For versions 8.x before 8.0.1.1, update to version 8.0.1.1 or later.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2013-5447
ZDI-13-274

Produtos afetados

Ibm Forms Viewer