2009-11-10 20:30:01 2009-11-24 08:04:25

Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
Christos zoulas File 3.41 (not an official CPE) Christos zoulas File 3.40 (not an official CPE) Christos zoulas File 4.01 (not an official CPE) Christos zoulas File 4.06 (not an official CPE) Christos zoulas File 4.03 (not an official CPE) Christos zoulas File 4.07 (not an official CPE) Christos zoulas File 4.02 (not an official CPE) Christos zoulas File 4.08 (not an official CPE) Christos zoulas File 4.09 (not an official CPE) Christos zoulas File 4.04 (not an official CPE) Christos zoulas File 4.25 (not an official CPE) Christos zoulas File 4.24 (not an official CPE) Christos zoulas File 4.26 (not an official CPE) Christos zoulas File 4.21 (not an official CPE) Christos zoulas File 4.20 (not an official CPE) Christos zoulas File 4.23 (not an official CPE) Christos zoulas File 4.19 (not an official CPE) Christos zoulas File 4.17 (not an official CPE) Christos zoulas File 3.33 (not an official CPE) Christos zoulas File 3.32 (not an official CPE) Christos zoulas File 5.00 (not an official CPE) Christos zoulas File 5.01 (not an official CPE) Christos zoulas File 3.31 (not an official CPE) Christos zoulas File 3.30 (not an official CPE) Christos zoulas File 3.37 (not an official CPE) Christos zoulas File 3.36 (not an official CPE) Christos zoulas File 3.34 (not an official CPE) Christos zoulas File 4.16 (not an official CPE) Christos zoulas File 4.15 (not an official CPE) Christos zoulas File 4.14 (not an official CPE) Christos zoulas File 4.13 (not an official CPE) Christos zoulas File 4.12 (not an official CPE) Christos zoulas File 4.11 (not an official CPE) Christos zoulas File 3.38 (not an official CPE) Christos zoulas File 3.39 (not an official CPE)
Advisory Patch Confirmed Link
37074
[file] 20090504 file-5.02 is now available