Vulnerability Details : CVE-2013-0729
Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a PDF file.
Vulnerability category: OverflowExecute code
Products affected by CVE-2013-0729
- cpe:2.3:a:tracker-software:pdf-xchange_viewer:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-0729
9.25%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-0729
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2013-0729
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-0729
-
http://www.tracker-software.com/company/news_press_events/view/123
Tracker Software Products :: News, Press Releases & EventsPatch;Vendor Advisory
-
http://osvdb.org/89442
Broken Link
-
http://www.securityfocus.com/bid/57491
PDF-XChange Viewer PDF File Handling Heap Buffer Overflow VulnerabilityThird Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/81427
PDF-XChange Viewer buffer overflow CVE-2013-0729 Vulnerability ReportVDB Entry
-
http://secunia.com/advisories/51855
Sign inVendor Advisory
Jump to