Vulnerabilities > CVE-2021-30472 - Out-of-bounds Write vulnerability in Podofo Project Podofo 0.9.7

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
podofo-project
CWE-787

Summary

A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value.

Vulnerable Configurations

Part Description Count
Application
Podofo_Project
1

Common Weakness Enumeration (CWE)