Vulnerabilities > CVE-2022-24960 - Use After Free vulnerability in Pdftron 9.2.0

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE

Summary

A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on OSX; 9.2.0 on Linux; 9.2.0 on Windows.

Vulnerable Configurations

Part Description Count
Application
Pdftron
1
Application
Linux
1
OS
Apple
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)