CVE-2019-9903

Published: Mar 21, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gitlab.freedesktop.org/poppler/poppler/issues/741

x_refsource_MISC

https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/

x_refsource_MISC

107560

vdb-entry

x_refsource_BID

FEDORA-2019-14040bfa27

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-95eb49ef49

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-3193a75b06

vendor-advisory

x_refsource_FEDORA

USN-4042-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2019:2713

vendor-advisory

x_refsource_REDHAT

[debian-lts-announce] 20220925 [SECURITY] [DLA 3120-1] poppler security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-9903

Description

Affected Products

References