Lucene search

[email protected]CVE-2013-1790

HistoryApr 09, 2013 - 8:55 p.m.

CVE-2013-1790

2013-04-0920:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-1790

poppler

stream.cc

context-dependent attackers

uninitialized memory

nvd

vulnerability

7.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.1%

JSON

poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.

CPENameOperatorVersion
freedesktop:popplerfreedesktop popplerle0.22.0

CPE	Name	Operator	Version
freedesktop:poppler	freedesktop poppler	le	0.22.0

References

cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=b1026b5978c385328f2a15a2185c599a563edf91

j00ru.vexillium.org/?p=1507

lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html

lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html

secunia.com/advisories/52846

ubuntu.com/usn/usn-1785-1

www.debian.org/security/2013/dsa-2719

www.mandriva.com/security/advisories?name=MDVSA-2013:143

www.openwall.com/lists/oss-security/2013/02/28/4

www.openwall.com/lists/oss-security/2013/02/28/8

bugzilla.redhat.com/show_bug.cgi?id=917111

7.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.1%

JSON

Related for CVE-2013-1790

prion1 debiancve1 ubuntucve1 openvas15 osv1 nessus9 debian1 ubuntu1 securityvulns2 fedora4 gentoo1