Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SumatraPDF's Integer Underflow in PalmDbReader Leads to Crash
Vulnerability Description
SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting in an out-of-bounds heap read that crashes the app. There are no published fixes at the time of publication.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Vulnerability Type
跨界内存读
Vulnerability Title
sumatrapdf 数字错误漏洞
Vulnerability Description
sumatrapdf是sumatrapdfreader开源的一个PDF阅读器。 SumatraPDF存在数字错误漏洞,该漏洞源于处理特制Mobi文件时存在差一错误和整数下溢,可能导致越界堆读取和应用程序崩溃。
CVSS Information
N/A
Vulnerability Type
N/A