activePDF Server < 3.8.6 Packet Handling Remote Overflow (credentialed check)
Critical Nessus Plugin ID 31350
SynopsisThe remote Windows host contains a program that is affected by a buffer overflow vulnerability.
DescriptionactivePDF Server is installed on the remote host. It is used to provide PDF generation and conversion from within enterprise and web applications.
The version of activePDF Server installed on the remote host contains a heap-based buffer overflow that can be triggered by sending a packet specifying a size smaller than the actual size of the following data.
An unauthenticated, remote attacker may be able to leverage this issue to crash the affected service or execute arbitrary code.
Note that the service runs with SYSTEM privileges, so successful exploitation could lead to a complete compromise of the affected host.
SolutionUpgrade to activePDF version 3.8.6 or later and make sure the file version for the affected file is 126.96.36.199 or later.