Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-10768

Опубликовано: 05 мая 2018
Источник: redhat
CVSS3: 3.3
EPSS Низкий

Описание

There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.

Отчет

Red Hat Product Security has rated this issue as having low security impact and a future update may address this flaw.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5popplerNot affected
Red Hat Enterprise Linux 6popplerNot affected
Red Hat Enterprise Linux 8popplerNot affected
Red Hat Enterprise Linux 7accountsserviceFixedRHSA-2018:314030.10.2018
Red Hat Enterprise Linux 7adwaita-icon-themeFixedRHSA-2018:314030.10.2018
Red Hat Enterprise Linux 7appstream-dataFixedRHSA-2018:314030.10.2018
Red Hat Enterprise Linux 7atkFixedRHSA-2018:314030.10.2018
Red Hat Enterprise Linux 7at-spi2-atkFixedRHSA-2018:314030.10.2018
Red Hat Enterprise Linux 7at-spi2-coreFixedRHSA-2018:314030.10.2018
Red Hat Enterprise Linux 7baobabFixedRHSA-2018:314030.10.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1576169poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF

EPSS

Процентиль: 82%
0.01853
Низкий

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-10768

CVSS3: 6.5
ubuntu
больше 7 лет назад

There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.

nvd логотип

CVE-2018-10768

CVSS3: 6.5
nvd
больше 7 лет назад

There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.

debian логотип

CVE-2018-10768

CVSS3: 6.5
debian
больше 7 лет назад

There is a NULL pointer dereference in the AnnotPath::getCoordsLength ...

github логотип

GHSA-vj6w-p4m3-pj3w

CVSS3: 6.5
github
больше 3 лет назад

There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.

fstec логотип

BDU:2022-05816

CVSS3: 6.5
fstec
больше 7 лет назад

Уязвимость функции Annot.h:AnnotPath::getCoordsLength() библиотеки для отображения PDF-файлов Poppler, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 82%
0.01853
Низкий

3.3 Low

CVSS3