CNNVD-202508-100 Information

Aug 01, 2025 cve

CNNVD ID

CNNVD-202508-100

CVE-2013-10057

CNNVD Published: 2025-08-01

Description (Chinese)

Synactis PDF In-The-Box是法国Synactis公司的一个PDF的生成与操作组件。 Synactis PDF In-The-Box存在安全漏洞，该漏洞源于ConnectToSynactis方法存在缓冲区溢出，可能导致远程代码执行。

Description (English)

Synfactis PDF In-The-Box is a PDF generation and operation component of the French company Synfactis. Synactis PDF In-The-Box has a security loophole, which stems from a buffer zone spill over the ConnectToSynactis method, which may lead to remote code implementation.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Synactis

Published

2025-08-01

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/synactis-pdf-in-the-box-connectosynactic-stack-based-buffer-overflow https://www.fortiguard.com/encyclopedia/ips/35840/synactis-pdf-in-the-box-connecttosynactic-buffer-overflow https://www.exploit-db.com/exploits/25835 https://www.synactis.com/pdf-in-the-box.htm https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/synactis_connecttosynactis_bof.rb https://access.redhat.com/security/cve/cve-2013-10057

Share on: