---

CVE-2017-5886 - log back

CVE-2017-5886 edited at 10 Jan 2021 10:18:39
Description	- Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. + Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.5 allows remote attackers to have unspecified impact via a crafted file.

CVE-2017-5886 edited at 10 Jan 2021 10:03:13
References	https://www.securityfocus.com/bid/96512 - https://sourceforge.net/p/podofo/code/1892/ + https://sourceforge.net/p/podofo/code/1837/

CVE-2017-5886 edited at 10 Jan 2021 09:58:12
References	https://www.securityfocus.com/bid/96512 + https://sourceforge.net/p/podofo/code/1892/

CVE-2017-5886 edited at 10 Jan 2021 09:56:24
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
References	+ https://www.securityfocus.com/bid/96512
Notes

CVE-2017-5886 created at 10 Jan 2021 09:54:00