CVE-2017-9775 – poppler: Stack-buffer overflow in GfxState.cc
https://notcve.org/view.php?id=CVE-2017-9775
Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. Un desbordamiento de búfer basado en pila en JBIG2Stream.cc en pdftocairo en Poppler en versiones anteriores a la 0.56 permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) mediante un documento PDF modificado. A stack-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash, or potentially execute arbitrary code when opened. • http://www.securityfocus.com/bid/99241 https://access.redhat.com/errata/RHSA-2017:2551 https://bugs.freedesktop.org/show_bug.cgi?id=101540 https://www.debian.org/security/2018/dsa-4079 https://access.redhat.com/security/cve/CVE-2017-9775 https://bugzilla.redhat.com/show_bug.cgi?id=1466442 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVE-2017-7515
https://notcve.org/view.php?id=CVE-2017-7515
poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service. poppler hasta versión 0.55.0, es vulnerable a una recursión no controlada en pdfunite resultando en una potencial denegación de servicio. • https://bugs.freedesktop.org/show_bug.cgi?id=101208 • CWE-674: Uncontrolled Recursion •
CVE-2017-7511
https://notcve.org/view.php?id=CVE-2017-7511
poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents. poppler desde versión 0.17.3, ha sido vulnerable a una desreferencia del puntero NULL en pdfunite desencadenada por documentos especialmente diseñados. • https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a https://security.gentoo.org/glsa/201801-17 • CWE-476: NULL Pointer Dereference •
CVE-2013-4472
https://notcve.org/view.php?id=CVE-2013-4472
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. La función openTempFile en goo/gfile.cc en Xpdf y Poppler 0.24.3 y anteriores, cuando funciona en un sistema diferente a Unix, permite a usuarios locales sobrescribir archivos arbitrarios a través de un ataque symlink sobre archivos temporales con nombres previsibles. • http://osvdb.org/99064 http://poppler.freedesktop.org/releases.html http://seclists.org/oss-sec/2013/q4/181 http://seclists.org/oss-sec/2013/q4/183 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2013-7296
https://notcve.org/view.php?id=CVE-2013-7296
The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted PDF file. El método JBIG2Stream :: readSegments en JBIG2Stream.cc en Poppler antes de 0.24.5 no utiliza el especificador correcto dentro de una cadena de formato, que permite a atacantes dependientes de contexto provocar una denegación de servicio (fallo de segmentación y caída de aplicación) a través de un archivo PDF manipulado. • http://cgit.freedesktop.org/poppler/poppler/commit/?id=58e04a08afee39370283c494ee2e4e392fd3b684 http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125710.html http://seclists.org/oss-sec/2014/q1/105 http://seclists.org/oss-sec/2014/q1/97 http://secunia.com/advisories/56567 http://secunia.com/advisories/56776 http://security.gentoo.org/glsa/glsa-201401-21.xml https://bugzilla.redhat.com/show_bug.cgi?id=1048199 https://exchange.xforce.ibmcloud.com/vulnerabilities/90552 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •