CVE-2007-5397
activePDF Server < 3.8.6.16 - Remote Code Execution via Malformed Packet Size Field
Title source: llmDescription
Heap-based buffer overflow in the activePDF Server service (aka APServer.exe) in activePDF Server 3.8.4 and 3.8.5.14, and possibly other versions before 3.8.6.16, allows remote attackers to execute arbitrary code via a packet with a size field that is less than the actual size of the data.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28013
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2007-87/advisory/
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27371
Scores
EPSS
0.0287
EPSS Percentile
85.2%
Details
CWE
CWE-119
Status
published
Products (1)
activepdf/server
< 3.8.4
Published
Feb 28, 2008
Tracked Since
Feb 18, 2026