CVE-2012-4914

CoolPDF 3.0.2.256 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Chris Gabriel · textdoswindows

https://www.exploit-db.com/exploits/24463

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Francis Provencher, Chris Gabriel, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/coolpdf_image_stream_bof.rb

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/24876

View Code ZIP pw:eip

References (2)

[Vendor Advisory] http://secunia.com/advisories/51602

[Various Sources] http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=70&Itemid=70

Scores

EPSS 0.6592

EPSS Percentile 98.5%

Classification

CWE

CWE-119

Status draft

Affected Products (1)

coolpdf/coolpdf

Timeline

Published Jan 26, 2013

Tracked Since Feb 18, 2026