CVE-2019-9589

Опубликовано: 06 мар. 2019

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 6.8

CVSS3: 7.8

Описание

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Релиз	Статус	Примечание
bionic	not-affected	code not present
cosmic	ignored	end of life
devel	not-affected	code not present
disco	not-affected	code not present
eoan	not-affected	code not present
esm-apps/bionic	not-affected	code not present
esm-apps/focal	not-affected	code not present
esm-apps/jammy	not-affected	code not present
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needs-triage]

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	code not present
cosmic	ignored	end of life
devel	not-affected	code not present
disco	not-affected	code not present
eoan	not-affected	code not present
esm-apps/bionic	not-affected	code not present
esm-apps/focal	not-affected	code not present
esm-apps/jammy	not-affected	code not present
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	not-affected	code not present

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	0.62.0-2ubuntu2.8
cosmic	not-affected	0.68.0-0ubuntu1.6
devel	not-affected	0.76.1-0ubuntu3
disco	not-affected	0.74.0-0ubuntu1.1
eoan	not-affected	0.76.1-0ubuntu3
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needs-triage]
esm-infra/bionic	not-affected	0.62.0-2ubuntu2.8
esm-infra/focal	not-affected	0.76.1-0ubuntu3
esm-infra/xenial	not-affected	0.41.0-0ubuntu1.13
focal	not-affected	0.76.1-0ubuntu3

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	code not present
cosmic	not-affected	2018.20180824.48463-1ubuntu0.1
devel	not-affected	2018.20181218.49446-2
disco	not-affected	2018.20181218.49446-2
eoan	not-affected	2018.20181218.49446-2
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needs-triage]
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	2018.20181218.49446-2
esm-infra/xenial	not-affected	code not present
focal	not-affected	2018.20181218.49446-2

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
eoan	DNE
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE
focal	DNE
groovy	DNE
hirsute	DNE

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	code not present
cosmic	ignored	end of life
devel	not-affected	code not present
disco	ignored	end of life
eoan	ignored	end of life
esm-apps/bionic	not-affected	code not present
esm-apps/jammy	not-affected	code not present
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needs-triage]
esm-infra/focal	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 48%

0.00248

Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

CVE-2019-9589

CVSS3: 7.8

nvd

почти 7 лет назад

CVE-2019-9589

CVSS3: 7.8

debian

почти 7 лет назад

There is a NULL pointer dereference vulnerability in PSOutputDev::setu ...

GHSA-rqjc-3v8q-4cw6

CVSS3: 7.8

github

больше 3 лет назад

EPSS

Процентиль: 48%

0.00248

Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3

CVE-2019-9589

Описание

Пакет ipe

Пакет libextractor

Пакет poppler

Пакет texlive-bin

Пакет utopia-documents

Пакет xpdf

Ссылки на источники

Связанные уязвимости