Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5006

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-5006
Last Modified 20 Sep 2012 12:00:00
Published 19 Sep 2012 05:55:09
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5006

Summary

Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser Plug-in 6.1.4 Build 27351 and other versions before 6.1.4.27993 allows remote attackers to execute arbitrary code via a crafted Sjbz chunk in a djvu file.

Vulnerable Systems

Application

  • Caminova Djvu Browser Plug-in 6.1.4


References

BID - 51675

OSVDB - 78526

CONFIRM - http://www.caminova.com/en/downloads/download.aspx?id=1

SECUNIA - 46091


Last Updated: 27 May 2016 11:00:44