CVE-2018-13988

Опубликовано: 23 июл. 2018

Источник: redhat

CVSS3: 5.3

EPSS Низкий

Описание

Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file.

Отчет

Red Hat Product Security has rated this issue as having a security impact of Low, and a future update may address this flaw.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	poppler	Will not fix
Red Hat Enterprise Linux 6	poppler	Will not fix
Red Hat Enterprise Linux 8	poppler	Not affected
Red Hat Enterprise Linux 7	accountsservice	Fixed	RHSA-2018:3140	30.10.2018
Red Hat Enterprise Linux 7	adwaita-icon-theme	Fixed	RHSA-2018:3140	30.10.2018
Red Hat Enterprise Linux 7	appstream-data	Fixed	RHSA-2018:3140	30.10.2018
Red Hat Enterprise Linux 7	atk	Fixed	RHSA-2018:3140	30.10.2018
Red Hat Enterprise Linux 7	at-spi2-atk	Fixed	RHSA-2018:3140	30.10.2018
Red Hat Enterprise Linux 7	at-spi2-core	Fixed	RHSA-2018:3140	30.10.2018
Red Hat Enterprise Linux 7	baobab	Fixed	RHSA-2018:3140	30.10.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1602838poppler: out of bounds read in pdfunite

EPSS

Процентиль: 74%

0.00841

Низкий

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2018-13988

CVSS3: 6.5

ubuntu

больше 7 лет назад

CVE-2018-13988

CVSS3: 6.5

nvd

больше 7 лет назад

CVE-2018-13988

CVSS3: 6.5

debian

больше 7 лет назад

Poppler through 0.62 contains an out of bounds read vulnerability due ...

GHSA-hj59-vghc-34x7

CVSS3: 6.5

github

больше 3 лет назад

ELSA-2018-3140

oracle-oval

около 7 лет назад

ELSA-2018-3140: GNOME security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 74%

0.00841

Низкий

5.3 Medium

CVSS3