Vulnerabilities > CVE-2019-1000031 - Memory Leak vulnerability in Article2Pdf Project Article2Pdf

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

article2pdf-project

CWE-401

NVD

Published: 2019-03-27

Updated: 2023-02-02

Summary

A disk space or quota exhaustion issue exists in article2pdf_getfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. Visiting PDF generation link but not following the redirect will leave behind a PDF file on disk which will never be deleted by the plug-in.

Vulnerable Configurations

Part	Description	Count
Application	Article2Pdf_Project Article2Pdf Project Article2Pdf 0.24 Article2Pdf Project Article2Pdf 0.25 Article2Pdf Project Article2Pdf 0.26 Article2Pdf Project Article2Pdf 0.27	4

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Packetstorm

data source	https://packetstormsecurity.com/files/download/152236/wparticle2pdf024-dosdisclose.txt
id	PACKETSTORM:152236
last seen	2019-03-26
published	2019-03-26
reporter	Christian Lerrahn
source	https://packetstormsecurity.com/files/152236/WordPress-article2pdf-0.24-DoS-File-Deletion-Disclosure.html
title	WordPress article2pdf 0.24 DoS / File Deletion / Disclosure

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Packetstorm

References