Nuance PDF Reader 'pdfcore8.dll' Buffer Overflow Vulnerability Apr14 Network Vulnerability

Summary

The host is installed with Nuance PDF Reader and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to conduct denial of service or possibly execution of arbitrary code. Impact Level: System/Application

Solution

Upgrade to Nuance PDF Reader version 8.1 or later. For updates refer, http://www.nuance.com/products/pdf-reader/index.htm

Insight

The flaw is due to an error in 'pdfcore8.dll' when processing naming table entries within embedded TTF files.

Affected

Nuance PDF Reader version before 8.1

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/93870
http://secunia.com/advisories/51943
http://xforce.iss.net/xforce/xfdb/84695

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0732
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

ClamAV 'find_stream_bounds()' function Buffer Overflow Vulnerability
Adobe Reader Buffer Overflow Vulnerability Sep09 (Win)
Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
CTorrent/Enhanced CTorrent Buffer Overflow Vulnerability
Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Linux)

Take action and discover your vulnerabilities