CVE-2012-4914

critical

Published 2013-01-26 · Modified 2026-04-29

CVSS v3

—

CVSS v2

9.3

VIR risk

9.3

Description

Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: PSIRT-CNA@flexerasoftware.com — http://secunia.com/advisories/51602

Application impact

Vendor	Product	Versions	Fixed
coolpdf	coolpdf	`3.0.2.256`

References

http://secunia.com/advisories/51602
http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=70&Itemid=70
http://secunia.com/advisories/51602
http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=70&Itemid=70

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.