漏洞标题
N/A
漏洞描述信息
在 Iceni Argus 中存在一个可被攻击的整除漏洞。当尝试将不完整的 PDF 转换为 XML 时,它将尝试将字体中的每个字符转换为多边形,然后尝试将这些形状 rasterize。当应用程序尝试遍历行并初始化缓冲区中的多边形形状时,它将写入缓冲区的界外。这可能导致运行该帐户上下文中的代码执行。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
An exploitable integer-overflow vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will attempt to convert each character from a font into a polygon and then attempt to rasterize these shapes. As the application attempts to iterate through the rows and initializing the polygon shape in the buffer, it will write outside of the bounds of said buffer. This can lead to code execution under the context of the account running it.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Iceni Argus 数字错误漏洞
漏洞描述信息
Iceni Argus是英国Iceni公司的一套PDF文档类型转换工具。 Iceni Argus中存在整数溢出漏洞。攻击者可利用该漏洞执行任意代码。
CVSS信息
N/A
漏洞类别
输入验证错误