Описание
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 0.57.0-2ubuntu4.3 |
| bionic | released | 0.62.0-2ubuntu2.1 |
| devel | released | 0.62.0-2ubuntu3 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [0.24.5-2ubuntu4.11]] |
| esm-infra/bionic | released | 0.62.0-2ubuntu2.1 |
| esm-infra/xenial | released | 0.41.0-0ubuntu1.7 |
| precise/esm | DNE | |
| trusty | released | 0.24.5-2ubuntu4.11 |
| trusty/esm | DNE | trusty was released [0.24.5-2ubuntu4.11] |
| upstream | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler thr ...
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
Уязвимость функции FoFiType1C::cvtGlyph библиотеки для рендеринга PDF-файлов Poppler, связанная с бесконечной работой цикла, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3