Heap-based Buffer Overflow in SumatraPDF Affects Users
CVE-2012-4896

Currently unrated

Key Information:

Vendor: SumatraPDFreader
Status: SumatraPDF
Vendor: CVE Published:; 5 October 2012

🔔 Create SumatraPDFreader Vulnerability Alert

What is CVE-2012-4896?

The vulnerability found in SumatraPDF prior to version 2.1 is a heap-based buffer overflow that enables remote attackers to execute arbitrary code. This exploitation occurs when a specially crafted PDF document is processed by the application, potentially allowing unauthorized access and manipulation of system resources.

References

http://secunia.com/advisories/50656

third-party-advisoryx_refsource_SECUNIA

http://code.google.com/p/sumatrapdf/source/browse/trunk/d...

x_refsource_CONFIRM

http://technet.microsoft.com/security/msvr/msvr12-014

x_refsource_MISC

EPSS Score

8% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 5, 2012
Vulnerability Reserved
Sep 12, 2012

CVE-2012-4896 Data

JSON