Description
The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.
Affected Package
Related
{"id": "DEBIANCVE:CVE-2018-8100", "vendorId": null, "type": "debiancve", "bulletinFamily": "info", "title": "CVE-2018-8100", "description": "The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.", "published": "2018-03-14T03:29:00", "modified": "2018-03-14T03:29:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://security-tracker.debian.org/tracker/CVE-2018-8100", "reporter": "Debian Security Bug Tracker", "references": [], "cvelist": ["CVE-2018-8100"], "immutableFields": [], "lastseen": "2022-06-23T06:03:15", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-8100"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-8100"]}], "rev": 4}, "score": {"value": 5.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2018-8100"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-8100"]}]}, "exploitation": null, "vulnersScore": 5.3}, "_state": {"dependencies": 0}, "_internal": {}, "affectedPackage": [{"OS": "Debian", "OSVersion": "12", "arch": "all", "packageFilename": "xpdf_3.04+git20220601-1_all.deb", "packageVersion": "3.04+git20220601-1", "operator": "le", "status": "open", "packageName": "xpdf"}, {"OS": "Debian", "OSVersion": "11", "arch": "all", "packageFilename": "xpdf_3.04+git20210103-3_all.deb", "packageVersion": "3.04+git20210103-3", "operator": "le", "status": "open", "packageName": "xpdf"}, {"OS": "Debian", "OSVersion": "10", "arch": "all", "packageFilename": "xpdf_3.04-13_all.deb", "packageVersion": "3.04-13", "operator": "le", "status": "open", "packageName": "xpdf"}, {"OS": "Debian", "OSVersion": "999", "arch": "all", "packageFilename": "xpdf_3.04+git20220601-1_all.deb", "packageVersion": "3.04+git20220601-1", "operator": "le", "status": "open", "packageName": "xpdf"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "packageFilename": "xpdf_3.04-4_all.deb", "packageVersion": "3.04-4", "operator": "le", "status": "open", "packageName": "xpdf"}]}
{"ubuntucve": [{"lastseen": "2022-01-21T20:41:38", "description": "The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows\nattackers to launch denial of service (heap-based buffer overflow and\napplication crash) or possibly have unspecified other impact via a specific\npdf file, as demonstrated by pdftohtml.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | xpdf in koffice is 2.0 \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | code is different in poppler, doesn't look vulnerable\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-03-14T00:00:00", "type": "ubuntucve", "title": "CVE-2018-8100", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8100"], "modified": "2018-03-14T00:00:00", "id": "UB:CVE-2018-8100", "href": "https://ubuntu.com/security/CVE-2018-8100", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T18:43:05", "description": "The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-03-14T03:29:00", "type": "cve", "title": "CVE-2018-8100", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8100"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:xpdfreader:xpdf:4.00"], "id": "CVE-2018-8100", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8100", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:xpdfreader:xpdf:4.00:*:*:*:*:*:*:*"]}], "redhatcve": [{"lastseen": "2022-05-21T01:23:25", "description": "The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-05-21T00:20:50", "type": "redhatcve", "title": "CVE-2018-8103", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8100", "CVE-2018-8101", "CVE-2018-8102", "CVE-2018-8103", "CVE-2018-8104", "CVE-2018-8105", "CVE-2018-8106", "CVE-2018-8107"], "modified": "2022-05-21T00:20:50", "id": "RH:CVE-2018-8103", "href": "https://access.redhat.com/security/cve/cve-2018-8103", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}
CVE-2018-8100
