CVE-2022-24960 - OpenCVE

A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on OSX; 9.2.0 on Linux; 9.2.0 on Windows.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact Low

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Macos
Linux	Linux Kernel
Microsoft	Windows
Pdftron	Pdftron

Configuration 1 [-]

AND

cpe:2.3:a:pdftron:pdftron:9.2.0:*:*:*:*:*:*:*

OR	cpe:2.3:a:linux:linux_kernel:-:::::::*
	cpe:2.3:o:apple:macos:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

No data.

References

Link	Providers
https://github.com/suletm/security_research/blob/main/CVE/CVE-2022-24960.json
https://www.pdftron.com/nightly/#stable/2022-02-08/9.2/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-03-09T06:20:50.785007Z

Updated: 2024-09-17T01:46:59.769Z

Reserved: 2022-02-11T00:00:00

Link: CVE-2022-24960

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-03-10T17:46:58.643

Modified: 2022-03-17T19:33:26.600

Link: CVE-2022-24960

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "credits": [{"lang": "en", "value": "Alex Niu, Tofig Suleymanov"}], "datePublic": "2022-03-08T00:00:00", "descriptions": [{"lang": "en", "value": "A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on OSX; 9.2.0 on Linux; 9.2.0 on Windows."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-03-09T06:20:50", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.pdftron.com/nightly/#stable/2022-02-08/9.2/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/suletm/security_research/blob/main/CVE/CVE-2022-24960.json"}], "solutions": [{"lang": "en", "value": "Upgrade to 9.2.0 stable: https://www.pdftron.com/nightly/#stable/2022-02-08/9.2/"}], "source": {"discovery": "EXTERNAL"}, "title": "Use after free vulnerability in PDFTron SDK", "workarounds": [{"lang": "en", "value": "No known workarounds exist."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_PUBLIC": "2022-03-08T08:30:00.000Z", "ID": "CVE-2022-24960", "STATE": "PUBLIC", "TITLE": "Use after free vulnerability in PDFTron SDK"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "credit": [{"lang": "eng", "value": "Alex Niu, Tofig Suleymanov"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on OSX; 9.2.0 on Linux; 9.2.0 on Windows."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.pdftron.com/nightly/#stable/2022-02-08/9.2/", "refsource": "MISC", "url": "https://www.pdftron.com/nightly/#stable/2022-02-08/9.2/"}, {"name": "https://github.com/suletm/security_research/blob/main/CVE/CVE-2022-24960.json", "refsource": "MISC", "url": "https://github.com/suletm/security_research/blob/main/CVE/CVE-2022-24960.json"}]}, "solution": [{"lang": "en", "value": "Upgrade to 9.2.0 stable: https://www.pdftron.com/nightly/#stable/2022-02-08/9.2/"}], "source": {"discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "No known workarounds exist."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:29:01.654Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.pdftron.com/nightly/#stable/2022-02-08/9.2/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/suletm/security_research/blob/main/CVE/CVE-2022-24960.json"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-24960", "datePublished": "2022-03-09T06:20:50.785007Z", "dateReserved": "2022-02-11T00:00:00", "dateUpdated": "2024-09-17T01:46:59.769Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pdftron:pdftron:9.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4EC649FA-0E6D-4015-B5F6-A93BF5AC268F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA79AC0-A0CC-4EE6-AEF5-9B8C8EA2C9F1", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on OSX; 9.2.0 on Linux; 9.2.0 on Windows."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad de uso de memoria previamente liberada en PDFTron SDK versi\u00f3n 9.2.0 . Un PDF dise\u00f1ado puede sobrescribir el RIP con datos previamente asignados en la pila. Este problema afecta a: PDFTron PDFTron SDK versiones 9.2.0 en OSX; 9.2.0 en Linux; 9.2.0 en Windows"}], "id": "CVE-2022-24960", "lastModified": "2022-03-17T19:33:26.600", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.5, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2022-03-10T17:46:58.643", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/suletm/security_research/blob/main/CVE/CVE-2022-24960.json"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.pdftron.com/nightly/#stable/2022-02-08/9.2/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}