CVE-2017-1000456

Опубликовано: 05 окт. 2017

Источник: redhat

CVSS3: 7.3

Описание

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	poppler	Will not fix
Red Hat Enterprise Linux 6	poppler	Will not fix
Red Hat Enterprise Linux 7	poppler	Will not fix
Red Hat Enterprise Linux 8	poppler	Not affected

Показывать по

Статус:

Moderate

Дефект:

CWE-682->CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1531382poppler: Invalid read in TextPool::addWord() causes crash and can lead to overflow in subsequent calculations

7.3 High

CVSS3

CVE-2017-1000456

CVSS3: 8.8

ubuntu

около 8 лет назад

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.

CVE-2017-1000456

CVSS3: 8.8

nvd

около 8 лет назад

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.

CVE-2017-1000456

CVSS3: 8.8

debian

около 8 лет назад

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in Text ...

GHSA-54wv-g6q8-8695

CVSS3: 8.8

github

больше 3 лет назад

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.

SUSE-SU-2018:1691-1

suse-cvrf

больше 7 лет назад

Security update for poppler

7.3 High

CVSS3