Denial of Service and Arbitrary Code Execution Vulnerability in Investintech.com SlimPDF Reader

Denial of Service and Arbitrary Code Execution Vulnerability in Investintech.com SlimPDF Reader

CVE-2011-4219 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Investintech.com SlimPDF Reader does not prevent faulting-address data from affecting branch selection, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.

Learn more about our Web Application Penetration Testing UK.