---

CVE-2017-8054 - log back

CVE-2017-8054 edited at 10 Jan 2021 10:56:19

Description

- The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document. + The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document. The issue is fixed in PoDoFo version 0.9.7.

CVE-2017-8054 edited at 10 Jan 2021 09:32:52
References	https://qwertwwwe.github.io/2017/04/22/PoDoFo-0-9-5-allows-remote-attackers-to-cause-a-denial-of-service-infinit-loop/ + https://sourceforge.net/p/podofo/code/1941/

CVE-2017-8054 edited at 10 Jan 2021 09:17:02
Severity	- Unknown + Low
Remote	- Unknown + Local
Type	- Unknown + Denial of service
Description	+ The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.
References	+ https://qwertwwwe.github.io/2017/04/22/PoDoFo-0-9-5-allows-remote-attackers-to-cause-a-denial-of-service-infinit-loop/

CVE-2017-8054 created at 10 Jan 2021 09:16:02
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes