Описание
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | uses system libjpeg |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [uses system libjpeg]] |
| esm-infra/xenial | not-affected | uses system libjpeg |
| precise/esm | DNE | |
| trusty | not-affected | uses system libjpeg |
| trusty/esm | DNE | trusty was not-affected [uses system libjpeg] |
| upstream | needs-triage | |
| vivid/ubuntu-core | DNE | |
| xenial | not-affected | uses system libjpeg |
| yakkety | not-affected | uses system libjpeg |
Показывать по
EPSS
6.8 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
An exploitable heap overflow vulnerability exists in the image renderi ...
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
EPSS
6.8 Medium
CVSS2
7.5 High
CVSS3