Back to search
CVE-2019-9200
Published: Feb 26, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://gitlab.freedesktop.org/poppler/poppler/issues/728
x_refsource_MISC
107172
vdb-entry
x_refsource_BID
USN-3905-1
vendor-advisory
x_refsource_UBUNTU
[debian-lts-announce] 20190308 [SECURITY] [DLA 1706-1] poppler security update
mailing-list
x_refsource_MLIST
FEDORA-2019-14040bfa27
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-13ba3be562
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-d04944813d
vendor-advisory
x_refsource_FEDORA
USN-4042-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2019:2022
vendor-advisory
x_refsource_REDHAT
RHSA-2019:2713
vendor-advisory
x_refsource_REDHAT
[debian-lts-announce] 20200723 [SECURITY] [DLA 2287-1] poppler security update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now