Описание
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | ignored | end of life |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| dapper | ignored | end of life |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | not-affected | linked to poppler |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | ignored | end of life |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | does not use xpdf anymore |
| cosmic | ignored | end of life |
| dapper | ignored | end of life |
| devel | not-affected | does not use xpdf anymore |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | not-affected | does not use xpdf anymore |
| esm-apps/focal | not-affected | does not use xpdf anymore |
| esm-apps/jammy | not-affected | does not use xpdf anymore |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | ignored | end of life |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | ignored | end of life |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 0.12.2-2.1ubuntu1 |
| bionic | released | 0.12.2-2.1ubuntu1 |
| cosmic | released | 0.12.2-2.1ubuntu1 |
| dapper | released | 0.5.1-0ubuntu7.6 |
| devel | released | 0.12.2-2.1ubuntu1 |
| disco | released | 0.12.2-2.1ubuntu1 |
| eoan | released | 0.12.2-2.1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [0.12.2-2.1ubuntu1]] |
| esm-infra/bionic | not-affected | 0.12.2-2.1ubuntu1 |
| esm-infra/focal | not-affected | 0.12.2-2.1ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | not-affected | linked to poppler |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | linked to poppler |
| bionic | not-affected | linked to poppler |
| cosmic | not-affected | linked to poppler |
| dapper | DNE | |
| devel | not-affected | linked to poppler |
| disco | not-affected | linked to poppler |
| eoan | not-affected | linked to poppler |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [linked to poppler]] |
| esm-infra/bionic | not-affected | linked to poppler |
| esm-infra/focal | not-affected | linked to poppler |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 3.02-2 |
| bionic | not-affected | 3.02-2 |
| cosmic | not-affected | 3.02-2 |
| dapper | ignored | end of life |
| devel | not-affected | |
| disco | not-affected | 3.02-2 |
| eoan | not-affected | 3.02-2 |
| esm-apps/bionic | not-affected | 3.02-2 |
| esm-apps/jammy | not-affected | |
| esm-apps/noble | not-affected |
Показывать по
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc ...
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
EPSS
9.3 Critical
CVSS2