Nuance PDF Reader 'pdfcore8.dll' Buffer Overflow Vulnerability Apr14 Network Vulnerability

Summary

The host is installed with Nuance PDF Reader and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to conduct denial of service or possibly execution of arbitrary code. Impact Level: System/Application

Solution

Upgrade to Nuance PDF Reader version 8.1 or later. For updates refer, http://www.nuance.com/products/pdf-reader/index.htm

Insight

The flaw is due to an error in 'pdfcore8.dll' when processing naming table entries within embedded TTF files.

Affected

Nuance PDF Reader version before 8.1

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/93870
http://secunia.com/advisories/51943
http://xforce.iss.net/xforce/xfdb/84695

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0732

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

BaoFeng Storm '.smpl' File Buffer Overflow Vulnerability
Buffer Overflow Vulnerability in Adobe Reader (Linux)
Dell Webcam 'crazytalk4.ocx' ActiveX Multiple BOF Vulnerabilities
Alleycode HTML Editor Buffer Overflow Vulnerabilities
Adobe Reader '/Registry' and '/Ordering' Buffer Overflow Vulnerability (Win)

Take action and discover your vulnerabilities