Описание
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | |
| bionic | not-affected | |
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [0.24.5-2ubuntu4.11]] |
| esm-infra/bionic | not-affected | |
| esm-infra/xenial | not-affected | |
| precise/esm | DNE | |
| trusty | released | 0.24.5-2ubuntu4.11 |
| trusty/esm | DNE | trusty was released [0.24.5-2ubuntu4.11] |
| upstream | needs-triage |
Показывать по
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.
There is a NULL pointer dereference in the AnnotPath::getCoordsLength ...
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.
Уязвимость функции Annot.h:AnnotPath::getCoordsLength() библиотеки для отображения PDF-файлов Poppler, позволяющая нарушителю вызвать отказ в обслуживании
4.3 Medium
CVSS2
6.5 Medium
CVSS3