Uncontrolled Memory Allocation Vulnerability in PoDoFo 0.9.5

CVE-2018-5296 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

Learn more about our Web Application Penetration Testing UK.