Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
DjVuLibre 文本编码转换内存破坏漏洞
Vulnerability Description
DjVuLibre是一个DjVu图库和文档查看器,它主要用于查看DjVu格式的文档。 DjVuLibre 3.5.25.2及之前的版本的应用程序以导致内存损坏的方式分析DjVu(.djv) 文件时,存在一个漏洞。成功利用此漏洞的攻击者可以在当前用户的安全上下文中运行任意代码。如果当前用户使用管理用户权限登录,成功利用此漏洞的攻击者便可完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。
CVSS Information
N/A
Vulnerability Type
N/A