Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted PDF book.
References
Link | Resource |
---|---|
https://research.checkpoint.com/2021/i-can-take-over-your-kindle/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2021-09-01 11:15
Updated : 2021-09-10 07:55
NVD link : CVE-2021-30354
Mitre link : CVE-2021-30354
JSON object : View
CWE
CWE-190
Integer Overflow or Wraparound
Products Affected
amazon
- kindle_firmware
- kindle