CVE-2018-8002 - log back

CVE-2018-8002 edited at 10 Jan 2021 10:30:51
References
+ https://www.exploit-db.com/exploits/44946
- https://sourceforge.net/p/podofo/tickets/23/
+ https://sourceforge.net/p/podofo/tickets/15/
- https://bugzilla.redhat.com/show_bug.cgi?id=1595693
+ https://bugzilla.redhat.com/show_bug.cgi?id=1548930
- https://bugzilla.redhat.com/attachment.cgi?id=1455024
+ https://bugzilla.redhat.com/attachment.cgi?id=1400720
CVE-2018-8002 edited at 10 Jan 2021 10:27:30
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ In PoDoFo, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
References
+ https://sourceforge.net/p/podofo/tickets/23/
+ https://bugzilla.redhat.com/show_bug.cgi?id=1595693
+ https://bugzilla.redhat.com/attachment.cgi?id=1455024
Notes
CVE-2018-8002 created at 10 Jan 2021 10:26:08