CVE-2013-4986
UnknownEPSS 4.08%
Last modified
CVE-2013-4986 is a vulnerability of currently unknown severity. Stack-based buffer overflow in PDFAX0722_IconCool.dll 7.22.1125.2121 in IconCool PDFCool Studio 3.32 Build 130330 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file.. EPSS estimates a 4.08% chance of exploitation in the next 30 days.
Description
Stack-based buffer overflow in PDFAX0722_IconCool.dll 7.22.1125.2121 in IconCool PDFCool Studio 3.32 Build 130330 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Iconcool | Pdfcool Studio | <= 3.32 | Build130330 |
| Iconcool | Pdfcool Studio | 2.0 | Build110427 |
| Iconcool | Pdfcool Studio | 2.5 | Build120405 |
| Iconcool | Pdfcool Studio | 2.6 | Build120405 |
| Iconcool | Pdfcool Studio | 2.7 | Build120405 |
| Iconcool | Pdfcool Studio | 2.8 | Build120518 |
| Iconcool | Pdfcool Studio | 2.10 | Build110519 |
| Iconcool | Pdfcool Studio | 2.12 | Build110528 |
| Iconcool | Pdfcool Studio | 2.14 | Build110608 |
| Iconcool | Pdfcool Studio | 2.16 | Build110612 |
| Iconcool | Pdfcool Studio | 2.20 | Build110707 |
| Iconcool | Pdfcool Studio | 2.24 | Build1110801 |
| Iconcool | Pdfcool Studio | 2.26 | Build110823 |
| Iconcool | Pdfcool Studio | 2.30 | Build110920 |
| Iconcool | Pdfcool Studio | 2.40 | Build111016 |
| Iconcool | Pdfcool Studio | 3.0 | Build121022 |
References
- http://secunia.com/advisories/55058Vendor Advisory
- http://secunia.com/advisories/55058Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-4986?
Stack-based buffer overflow in PDFAX0722_IconCool.dll 7.22.1125.2121 in IconCool PDFCool Studio 3.32 Build 130330 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file.
How severe is CVE-2013-4986?
Severity scoring for CVE-2013-4986 is pending analysis. The EPSS model estimates a 4.08% probability of exploitation in the next 30 days.
How do I fix CVE-2013-4986?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2013-4986?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST