CVE-2017-18184

Опубликовано: 23 авг. 2017

Источник: redhat

CVSS3: 3.3

Описание

An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc.

A stack-based out-of-bounds read flaw was found in the way QPDF parsed PDF files. An attacker could potentially use this flaw to crash QPDF, under certain conditions, by tricking it into processing crafted QPDF files.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	qpdf	Will not fix
Red Hat Enterprise Linux 8	qpdf	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1545278qpdf: out-of-bounds read in iterate_rc4 in QPDF_encryption.cc

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-18184

CVSS3: 5.5

ubuntu

почти 8 лет назад

An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc.

CVE-2017-18184

CVSS3: 5.5

nvd

почти 8 лет назад

An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc.

CVE-2017-18184

CVSS3: 5.5

debian

почти 8 лет назад

An issue was discovered in QPDF before 7.0.0. There is a stack-based o ...

GHSA-f5x9-mwv6-rmv7

CVSS3: 5.5

github

больше 3 лет назад

An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc.

3.3 Low

CVSS3