Exploitation Summary
EIP tracks 1 public exploit for CVE-2018-25306. PoCs published by Hamm3r.py.
AI-analyzed exploit summary The provided content describes a buffer overflow vulnerability in PDFunite (part of the poppler package) when processing malformed PDF files. It includes a GDB stack trace showing the crash in the XRef::getEntry function and references a proof-of-concept file hosted externally.
Description
PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmentation fault in the XRef::getEntry function within libpoppler by providing a specially crafted PDF file to the pdfunite utility.
Exploits (1)
The provided content describes a buffer overflow vulnerability in PDFunite (part of the poppler package) when processing malformed PDF files. It includes a GDB stack trace showing the crash in the XRef::getEntry function and references a proof-of-concept file hosted externally.
References (4)
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H