CVE-2015-9252

Опубликовано: 13 фев. 2018

Источник: debian

Описание

An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qpdf	fixed	7.0.0-1		package
qpdf	no-dsa		stretch	package
qpdf	no-dsa		jessie	package
qpdf	no-dsa		wheezy	package

Примечания

https://github.com/qpdf/qpdf/commit/701b518d5c56a1449825a3a37a716c58e05e1c3e
https://github.com/qpdf/qpdf/issues/51

Связанные уязвимости

CVE-2015-9252

CVSS3: 5.5

ubuntu

почти 8 лет назад

An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc.

CVE-2015-9252

CVSS3: 3.3

redhat

больше 10 лет назад

An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc.

CVE-2015-9252

CVSS3: 5.5

nvd

почти 8 лет назад

An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc.

GHSA-8xcr-vf9j-wxvr

CVSS3: 5.5

github

больше 3 лет назад

An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc.