Buffer overflow in Sumatrapdfreader Sumatrapdf

CVE-2012-4896

Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4895.

Vulnerability class: Buffer Overflow

EPSS: 0.052 (91.4th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2012-4896?
CVE-2012-4896 is a vulnerability in Sumatrapdfreader Sumatrapdf, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-10-05.
Is CVE-2012-4896 known to be exploited?
2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.