) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.9.3:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2012-4896 |
Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4895. Published: October 05, 2012; 6:51:16 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2012-4895 |
Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4896. Published: October 05, 2012; 6:51:16 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2009-4117 |
Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before commit 20091125231942, as used in SumatraPDF before 1.0.1, allow remote attackers to cause a denial of service and possibly execute arbitrary code via a /Decode array for certain types of shading that are not properly handled by the (1) pdf_loadtype4shade, (2) pdf_loadtype5shade, (3) pdf_loadtype6shade, and (4) pdf_loadtype7shade functions. NOTE: some of these details are obtained from third party information. Published: November 30, 2009; 7:30:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2009-1605 |
Heap-based buffer overflow in the loadexponentialfunc function in mupdf/pdf_function.c in MuPDF in the mupdf-20090223-win32 package, as used in SumatraPDF 0.9.3 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: some of these details are obtained from third party information. Published: May 11, 2009; 4:00:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |