Описание
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.48.0-2ubuntu3 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [0.24.5-2ubuntu4.5]] |
| esm-infra/xenial | released | 0.41.0-0ubuntu1.2 |
| precise/esm | DNE | |
| trusty | released | 0.24.5-2ubuntu4.5 |
| trusty/esm | DNE | trusty was released [0.24.5-2ubuntu4.5] |
| upstream | needs-triage | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 0.41.0-0ubuntu1.2 |
| yakkety | released | 0.44.0-3ubuntu2.1 |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.
An exploitable integer overflow vulnerability exists in the JPEG 2000 ...
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3