CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
94.0%
DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file.
Vendor | Product | Version | CPE |
---|---|---|---|
djvulibre_project | djvulibre | * | cpe:2.3:a:djvulibre_project:djvulibre:*:*:*:*:*:*:*:* |
djvulibre_project | djvulibre | 3.5.1 | cpe:2.3:a:djvulibre_project:djvulibre:3.5.1:*:*:*:*:*:*:* |
djvulibre_project | djvulibre | 3.5.2 | cpe:2.3:a:djvulibre_project:djvulibre:3.5.2:*:*:*:*:*:*:* |
djvulibre_project | djvulibre | 3.5.3 | cpe:2.3:a:djvulibre_project:djvulibre:3.5.3:*:*:*:*:*:*:* |
djvulibre_project | djvulibre | 3.5.4 | cpe:2.3:a:djvulibre_project:djvulibre:3.5.4:*:*:*:*:*:*:* |
djvulibre_project | djvulibre | 3.5.5 | cpe:2.3:a:djvulibre_project:djvulibre:3.5.5:*:*:*:*:*:*:* |
djvulibre_project | djvulibre | 3.5.6 | cpe:2.3:a:djvulibre_project:djvulibre:3.5.6:*:*:*:*:*:*:* |
djvulibre_project | djvulibre | 3.5.7 | cpe:2.3:a:djvulibre_project:djvulibre:3.5.7:*:*:*:*:*:*:* |
djvulibre_project | djvulibre | 3.5.8 | cpe:2.3:a:djvulibre_project:djvulibre:3.5.8:*:*:*:*:*:*:* |
djvulibre_project | djvulibre | 3.5.9 | cpe:2.3:a:djvulibre_project:djvulibre:3.5.9:*:*:*:*:*:*:* |