CVE-2012-5340 — Vulnetix

CVE-2012-5340 REJECTED

SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.

EPSS 2.48% · 85.6th percentile

Risk Scores

EPSS Score

2.48%

85.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:18.04:LTS	mupdf	1.11+ds1-1.1, *, 0

Exploit Intelligence

CIRCL confirmed: CVE-2012-5340 (circl-sighting)
https://bugs.ghostscript.com/show_bug.cgi?id=693371 (circl)
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f919270b6a732ff45c3ba2d0c105e2b39e9c9bc9 (circl)
SumatraPDF 2.1.1/MuPDF 1.0 - Integer Overflow - Windows dos Exploit (variot)
SumatraPDF 2.1.1/MuPDF 1.0 - Integer Overflow - Windows dos Exploit (variot)
SumatraPDF 2.1.1/MuPDF 1.0 - Integer Overflow - Windows dos Exploit (variot)
23246 (cve.org)
Sumatra 2.1.1/MuPDF 1.0 Integer Overflow (0day-today)
Sumatra 2.1.1/MuPDF 1.0 Integer Overflow (0day-today)

Timeline

Dec 9, 2012 CVE Published
Dec 9, 2012 PoC Published
Dec 9, 2012 PoC Published
Dec 9, 2012 PoC Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2012-5340 third-party-advisory
https://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f919270b6a732ff45c3ba2d0c105e2b39e9c9bc9 third-party-advisory
http://www.exploit-db.com/exploits/23246 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2012-5340 third-party-advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›