CVE-2006-6146

Sažetak

Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via certain arguments that yield a large amount of PDF data, as demonstrated by a filled circle.

Reference

http://sourceforge.net/project/shownotes.php?release_id=465886
http://sourceforge.net/tracker/index.php?func=detail&aid=1597538&group_id=83044&atid=568129
http://www.securityfocus.com/bid/21259
http://www.vupen.com/english/advisories/2006/4675

CVSS

Base:	2.6
Impact:	2.9
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:H/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

08-03-2011 - 02:45

Objavljeno

28-11-2006 - 23:28