CVE-2019-9200 – poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc

https://notcve.org/view.php?id=CVE-2019-9200

26 Feb 2019 — A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. Existe un "infraescritura" de búfer basado en memoria dinámica (heap) en mageStream::getLine() en Stream.cc en la versión 0.74.0 de Poppler que puede, por ejemplo, desencadenarse mediante el envío de un ar... • http://www.securityfocus.com/bid/107172 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •