Buffer overflow in Sumatrapdfreader Sumatrapdf
CVE-2012-4896
Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4895.
Vulnerability class: Buffer Overflow
EPSS: 0.052 (91.4th percentile) — read the EPSS interpretation.
Affected products
- Sumatrapdfreader Sumatrapdf — versions 0.1, 0.2, 0.3
- N/a — versions n/a
Weakness classification (CWE)
Public proof-of-concept exploits
References
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_MISC)
Frequently asked questions
- What is CVE-2012-4896?
- CVE-2012-4896 is a vulnerability in Sumatrapdfreader Sumatrapdf, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-10-05.
- Is CVE-2012-4896 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.