CVE-2013-4474
Canonical Ubuntu Linux < 0.24.1 - Improper Input Validation
Title source: ruleExploitation Summary
EIP tracks 1 public exploit for CVE-2013-4474. PoCs published by Daniel Kahn Gillmor.
AI-analyzed exploit summary This exploit leverages a format-string vulnerability in Poppler's pdfseparate utility by passing unsanitized format specifiers as a filename argument, potentially leading to arbitrary code execution or denial-of-service.
Description
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
Exploits (1)
This exploit leverages a format-string vulnerability in Poppler's pdfseparate utility by passing unsanitized format specifiers as a filename argument, potentially leading to arbitrary code execution or denial-of-service.