libpodofo.so is susceptible to denial of service (DoS). The attacker can send a malicious PDF file to the crop_page()
function of tools/podofocrop/podofocrop.cpp
which leads to the execution of pPage->GetObject()->GetDictionary().AddKey( PdfName("MediaBox"), var )
resulting in an unauthorized access to the memory.
CPE | Name | Operator | Version |
---|---|---|---|
libpodofo.so | le | 0.9.1 | |
podofo:edge | eq | 0.9.6-r2 |