Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-9200

Опубликовано: 26 фев. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.8

Описание

A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

РелизСтатусПримечание
bionic

released

0.62.0-2ubuntu2.8
cosmic

released

0.68.0-0ubuntu1.6
devel

not-affected

0.76.1-0ubuntu3
disco

released

0.74.0-0ubuntu1.2
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [0.24.5-2ubuntu4.17]]
esm-infra/bionic

not-affected

0.62.0-2ubuntu2.8
esm-infra/xenial

not-affected

0.41.0-0ubuntu1.13
precise/esm

DNE

trusty

released

0.24.5-2ubuntu4.17
trusty/esm

DNE

trusty was released [0.24.5-2ubuntu4.17]

Показывать по

Ссылки на источники

EPSS

Процентиль: 87%
0.03559
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-9200

CVSS3: 6.3
redhat
больше 6 лет назад

A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

nvd логотип

CVE-2019-9200

CVSS3: 8.8
nvd
больше 6 лет назад

A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

debian логотип

CVE-2019-9200

CVSS3: 8.8
debian
больше 6 лет назад

A heap-based buffer underwrite exists in ImageStream::getLine() locate ...

github логотип

GHSA-g25g-gjmh-hgmj

CVSS3: 8.8
github
около 3 лет назад

A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

fstec логотип

BDU:2020-01569

CVSS3: 8.8
fstec
больше 6 лет назад

Уязвимость метода ImageStream::getLine из poppler/Stream.cc библиотеки для отображения PDF-файлов Poppler, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 87%
0.03559
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3