Back to search
CVE-2018-20662
Published: Jan 3, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://gitlab.freedesktop.org/poppler/poppler/issues/706
x_refsource_MISC
[debian-lts-announce] 20190308 [SECURITY] [DLA 1706-1] poppler security update
mailing-list
x_refsource_MLIST
FEDORA-2019-8b5e704a73
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-14040bfa27
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-13ba3be562
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-d04944813d
vendor-advisory
x_refsource_FEDORA
USN-4042-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2019:2022
vendor-advisory
x_refsource_REDHAT
RHSA-2019:2713
vendor-advisory
x_refsource_REDHAT
[debian-lts-announce] 20201108 [SECURITY] [DLA 2440-1] poppler security update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now