A XFDL form with a PNG image that exposes this issue can crash the IBM Forms Viewer
CVEID: CVE-2013-6954
DESCRIPTION:
A XFDL form can be created utilizing a specially created PNG image that could result in the IBM Forms Viewer to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/89917> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)
IBM Forms Viewer 4.0
IBM Forms Viewer 8.0
IBM Forms Viewer 8.0.1
Product
| VRMF|APAR|Remediation
—|—|—|—
IBM Forms Viewer| 4.0.0.| LO79835| Install IBM Forms Viewer 4.0.0.3 CF1 from Fix Central
IBM Forms Viewer| 8.0.0.| LO79835| Install IBM Forms Viewer 8.0.1.1 CF1 from Fix Central
IBM Forms Viewer| 8.0.1.*| LO79835| Install IBM Forms Viewer 8.0.1.1 CF1 from Fix Central
To expose this issue, the user will have to be directed to open this specifically crafted form that uses a PNG image that exposes this issue.