CVE-2013-5447
50Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 34%
from disclosure to weapon28 days
Published on NVDDec 10
1st PoC+28d
metasploitDec 5
exploitation probability
34%top 2% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
Stack-based buffer overflow in IBM Forms Viewer 4.x before 4.0.0.3 and 8.x before 8.0.1.1 allows remote attackers to execute arbitrary code via an XFDL form with a long fontname value.
Affected products
n/a · n/apublic PoCs found — 3
cve_referencepacketstormsecurity.com/files/124658unverifiedcve_referencewww.exploit-db.com/exploits/30789unverifiedexploitdbwww.exploit-db.com/exploits/30789unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/124658https://exchange.xforce.ibmcloud.com/vulnerabilities/87911http://www-01.ibm.com/support/docview.wss?uid=swg1LO78184http://www-01.ibm.com/support/docview.wss?uid=swg21657500http://www.exploit-db.com/exploits/30789http://www.zerodayinitiative.com/advisories/ZDI-13-274/