CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2017-9776 – poppler: Integer overflow in JBIG2Stream.cc
https://notcve.org/view.php?id=CVE-2017-9776
22 Jun 2017 — Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. Un desbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en JBIG2Stream.cc en pdftocairo en Poppler en versiones anteriores a la 0.56 permite que atacantes remotos provoquen una denegación de servicio (cierre inesperad... • http://www.securityfocus.com/bid/99240 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-7515 – Ubuntu Security Notice USN-3350-1
https://notcve.org/view.php?id=CVE-2017-7515
06 Jun 2017 — poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service. poppler hasta versión 0.55.0, es vulnerable a una recursión no controlada en pdfunite resultando en una potencial denegación de servicio. Aleksandar Nikolic discovered that poppler incorrectly handled JPEG 2000 images. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with pri... • https://bugs.freedesktop.org/show_bug.cgi?id=101208 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 79EXPL: 0CVE-2017-7511 – Ubuntu Security Notice USN-3350-1
https://notcve.org/view.php?id=CVE-2017-7511
30 May 2017 — poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents. poppler desde versión 0.17.3, ha sido vulnerable a una desreferencia del puntero NULL en pdfunite desencadenada por documentos especialmente diseñados. Aleksandar Nikolic discovered that poppler incorrectly handled JPEG 2000 images. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrar... • https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a • CWE-476: NULL Pointer Dereference •