VYPR
Unrated severityNVD Advisory· Published Sep 2, 2009· Updated Jun 16, 2026

CVE-2009-3050

CVE-2009-3050

Description

Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege boundaries.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Htmldoc/Htmldoc5 versions
    cpe:2.3:a:htmldoc:htmldoc:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:htmldoc:htmldoc:*:*:*:*:*:*:*:*range: <=1.8.27
    • cpe:2.3:a:htmldoc:htmldoc:1.8.24:*:*:*:*:*:*:*
    • cpe:2.3:a:htmldoc:htmldoc:1.8.25:*:*:*:*:*:*:*
    • cpe:2.3:a:htmldoc:htmldoc:1.8.26:*:*:*:*:*:*:*
    • (no CPE)range: <=1.8.27

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.