CVE-2018-19149 – poppler: NULL pointer dereference in _poppler_attachment_new
https://notcve.org/view.php?id=CVE-2018-19149
Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment. Poppler en versiones anteriores a 0.70.0 tiene una desreferencia de puntero NULL en _poppler_attachment_new cuando se llama desde poppler_annot_fichero_attachment_attachment_get_attachment. • http://www.securityfocus.com/bid/106031 https://access.redhat.com/errata/RHSA-2019:2022 https://gitlab.freedesktop.org/poppler/poppler/issues/664 https://security.gentoo.org/glsa/201904-04 https://usn.ubuntu.com/3837-1 https://usn.ubuntu.com/3837-2 https://access.redhat.com/security/cve/CVE-2018-19149 https://bugzilla.redhat.com/show_bug.cgi?id=1649457 • CWE-476: NULL Pointer Dereference •
CVE-2018-13988 – poppler: out of bounds read in pdfunite
https://notcve.org/view.php?id=CVE-2018-13988
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file. Poppler hasta la versión 0.62 contiene una vulnerabilidad de lectura fuera de límites debido a un acceso incorrecto a la memoria que no se mapea en su espacio de memoria, tal y como queda demostrado con pdfunite. Esto puede resultar en la corrupción de memoria y una denegación de servicio (DoS). • http://packetstormsecurity.com/files/148661/PDFunite-0.62.0-Buffer-Overflow.html https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3140 https://access.redhat.com/errata/RHSA-2018:3505 https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-13988 https://bugzilla.redhat.com/show_bug.cgi?id=1602838 https://cgit.freedesktop.org/poppler/poppler/commit/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee https://lists.debian.org/debian-lts-announce/2018/10/msg00024.ht • CWE-125: Out-of-bounds Read •
CVE-2017-18267 – poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service
https://notcve.org/view.php?id=CVE-2017-18267
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops. La función FoFiType1C::cvtGlyph en fofi/FoFiType1C.cc en Poppler 0.64.0 permite que atacantes remotos provoquen una denegación de servicio (recursión infinita) mediante un archivo PDF manipulado, tal y como demuestra pdftops. • https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3140 https://access.redhat.com/errata/RHSA-2018:3505 https://bugzilla.freedesktop.org/show_bug.cgi?id=103238 https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html https://usn.ubuntu.com/3647-1 https://access.redhat.com/security/cve/CVE-2017-18267 https://bugzilla.redhat.com/show_bug.cgi?id=1578777 • CWE-674: Uncontrolled Recursion CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2017-2814
https://notcve.org/view.php?id=CVE-2017-2814
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento de pila explotable en la funcionalidad de renderizado de imágenes de Poppler versión 0.53.0. Un pdf específicamente creado puede causar un cambio de tamaño de la imagen después de que la asignación ya haya ocurrido, resultando en una corrupción de la pila lo que puede conllevar a la ejecución de código. • http://www.securityfocus.com/bid/99497 https://talosintelligence.com/vulnerability_reports/TALOS-2017-0311 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2818
https://notcve.org/view.php?id=CVE-2017-2818
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento de pila explotable en la funcionalidad de renderizado de imágenes de Poppler versión 0.53.0. Un PDF específicamente creado puede causar un número excesivamente grande de componentes de color durante el renderizado de imágenes, resultando en una corrupción de la pila. • http://www.securityfocus.com/bid/99497 https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •