CVE-2009-3050

Published Sep 2, 2009

Last updated 15 years ago

Overview

Description: Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege boundaries.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:htmldoc:htmldoc:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "869A7EC3-6B3E-45B8-A507-CE0004CC12E0",
            "versionEndIncluding": "1.8.27"
          },
          {
            "criteria": "cpe:2.3:a:htmldoc:htmldoc:1.8.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC979928-F1B0-43C6-97A2-066BC6DC5B7A"
          },
          {
            "criteria": "cpe:2.3:a:htmldoc:htmldoc:1.8.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8ACF69DD-2922-4B08-A13C-8F5AB50E2FB8"
          },
          {
            "criteria": "cpe:2.3:a:htmldoc:htmldoc:1.8.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE1F2321-B852-4660-BAF2-A19B3A501897"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References