Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2018-648.NASL
HistoryJun 18, 2018 - 12:00 a.m.

openSUSE Security Update : poppler (openSUSE-2018-648)

2018-06-1800:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
JSON

This update for poppler fixes the following issues :

These security issues were fixed :

  • CVE-2017-14517: Prevent NULL pointer dereference in the XRef::parseEntry() function via a crafted PDF document (bsc#1059066).

  • CVE-2017-9865: Fixed a stack-based buffer overflow vulnerability in GfxState.cc that would have allowed attackers to facilitate a denial-of-service attack via specially crafted PDF documents. (bsc#1045939)

  • CVE-2017-14518: Remedy a floating point exception in isImageInterpolationRequired() that could have been exploited using a specially crafted PDF document.
    (bsc#1059101)

  • CVE-2017-14520: Remedy a floating point exception in Splash::scaleImageYuXd() that could have been exploited using a specially crafted PDF document. (bsc#1059155)

  • CVE-2017-14617: Fixed a floating point exception in Stream.cc, which may lead to a potential attack when handling malicious PDF files. (bsc#1060220)

  • CVE-2017-14928: Fixed a NULL pointer dereference in AnnotRichMedia::Configuration::Configuration() in Annot.cc, which may lead to a potential attack when handling malicious PDF files. (bsc#1061092)

  • CVE-2017-14975: Fixed a NULL pointer dereference vulnerability, that existed because a data structure in FoFiType1C.cc was not initialized, which allowed an attacker to launch a denial of service attack.
    (bsc#1061263)

  • CVE-2017-14976: Fixed a heap-based buffer over-read vulnerability in FoFiType1C.cc that occurred when an out-of-bounds font dictionary index was encountered, which allowed an attacker to launch a denial of service attack. (bsc#1061264)

  • CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the FoFiTrueType::getCFFBlock() function in FoFiTrueType.cc that occurred due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. (bsc#1061265)

  • CVE-2017-15565: Prevent NULL pointer dereference in the GfxImageColorMap::getGrayLine() function via a crafted PDF document (bsc#1064593).

  • CVE-2017-1000456: Validate boundaries in TextPool::addWord to prevent overflows in subsequent calculations (bsc#1074453).

This update was imported from the SUSE:SLE-12-SP2:Update update project.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2018-648.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(110592);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2017-1000456", "CVE-2017-14517", "CVE-2017-14518", "CVE-2017-14520", "CVE-2017-14617", "CVE-2017-14928", "CVE-2017-14975", "CVE-2017-14976", "CVE-2017-14977", "CVE-2017-15565", "CVE-2017-9865");

  script_name(english:"openSUSE Security Update : poppler (openSUSE-2018-648)");
  script_summary(english:"Check for the openSUSE-2018-648 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for poppler fixes the following issues :

These security issues were fixed :

  - CVE-2017-14517: Prevent NULL pointer dereference in the
    XRef::parseEntry() function via a crafted PDF document
    (bsc#1059066).

  - CVE-2017-9865: Fixed a stack-based buffer overflow
    vulnerability in GfxState.cc that would have allowed
    attackers to facilitate a denial-of-service attack via
    specially crafted PDF documents. (bsc#1045939)

  - CVE-2017-14518: Remedy a floating point exception in
    isImageInterpolationRequired() that could have been
    exploited using a specially crafted PDF document.
    (bsc#1059101)

  - CVE-2017-14520: Remedy a floating point exception in
    Splash::scaleImageYuXd() that could have been exploited
    using a specially crafted PDF document. (bsc#1059155)

  - CVE-2017-14617: Fixed a floating point exception in
    Stream.cc, which may lead to a potential attack when
    handling malicious PDF files. (bsc#1060220)

  - CVE-2017-14928: Fixed a NULL pointer dereference in
    AnnotRichMedia::Configuration::Configuration() in
    Annot.cc, which may lead to a potential attack when
    handling malicious PDF files. (bsc#1061092)

  - CVE-2017-14975: Fixed a NULL pointer dereference
    vulnerability, that existed because a data structure in
    FoFiType1C.cc was not initialized, which allowed an
    attacker to launch a denial of service attack.
    (bsc#1061263)

  - CVE-2017-14976: Fixed a heap-based buffer over-read
    vulnerability in FoFiType1C.cc that occurred when an
    out-of-bounds font dictionary index was encountered,
    which allowed an attacker to launch a denial of service
    attack. (bsc#1061264)

  - CVE-2017-14977: Fixed a NULL pointer dereference
    vulnerability in the FoFiTrueType::getCFFBlock()
    function in FoFiTrueType.cc that occurred due to lack of
    validation of a table pointer, which allows an attacker
    to launch a denial of service attack. (bsc#1061265)

  - CVE-2017-15565: Prevent NULL pointer dereference in the
    GfxImageColorMap::getGrayLine() function via a crafted
    PDF document (bsc#1064593).

  - CVE-2017-1000456: Validate boundaries in
    TextPool::addWord to prevent overflows in subsequent
    calculations (bsc#1074453).

This update was imported from the SUSE:SLE-12-SP2:Update update
project."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1045939"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1059066"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1059101"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1059155"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1060220"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1061092"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1061263"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1061264"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1061265"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1064593"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1074453"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected poppler packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-cpp0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-cpp0-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-cpp0-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-cpp0-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-glib-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-glib8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-glib8-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-glib8-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-glib8-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-qt4-4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-qt4-4-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-qt4-4-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-qt4-4-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-qt4-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-qt5-1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-qt5-1-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-qt5-1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-qt5-1-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler-qt5-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler60");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler60-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler60-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpoppler60-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:poppler-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:poppler-qt-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:poppler-qt5-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:poppler-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:poppler-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:typelib-1_0-Poppler-0_18");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/06/18");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-cpp0-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-cpp0-debuginfo-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-devel-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-glib-devel-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-glib8-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-glib8-debuginfo-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-qt4-4-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-qt4-4-debuginfo-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-qt4-devel-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-qt5-1-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-qt5-1-debuginfo-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler-qt5-devel-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler60-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libpoppler60-debuginfo-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"poppler-debugsource-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"poppler-qt-debugsource-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"poppler-qt5-debugsource-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"poppler-tools-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"poppler-tools-debuginfo-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"typelib-1_0-Poppler-0_18-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libpoppler-cpp0-32bit-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libpoppler-cpp0-debuginfo-32bit-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libpoppler-glib8-32bit-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libpoppler-glib8-debuginfo-32bit-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libpoppler-qt4-4-32bit-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libpoppler-qt4-4-debuginfo-32bit-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libpoppler-qt5-1-32bit-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libpoppler-qt5-1-debuginfo-32bit-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libpoppler60-32bit-0.43.0-8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libpoppler60-debuginfo-32bit-0.43.0-8.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpoppler-qt4-4 / libpoppler-qt4-4-32bit / etc");
}
VendorProductVersionCPE
novellopensuselibpoppler-cpp0p-cpe:/a:novell:opensuse:libpoppler-cpp0
novellopensuselibpoppler-cpp0-32bitp-cpe:/a:novell:opensuse:libpoppler-cpp0-32bit
novellopensuselibpoppler-cpp0-debuginfop-cpe:/a:novell:opensuse:libpoppler-cpp0-debuginfo
novellopensuselibpoppler-cpp0-debuginfo-32bitp-cpe:/a:novell:opensuse:libpoppler-cpp0-debuginfo-32bit
novellopensuselibpoppler-develp-cpe:/a:novell:opensuse:libpoppler-devel
novellopensuselibpoppler-glib-develp-cpe:/a:novell:opensuse:libpoppler-glib-devel
novellopensuselibpoppler-glib8p-cpe:/a:novell:opensuse:libpoppler-glib8
novellopensuselibpoppler-glib8-32bitp-cpe:/a:novell:opensuse:libpoppler-glib8-32bit
novellopensuselibpoppler-glib8-debuginfop-cpe:/a:novell:opensuse:libpoppler-glib8-debuginfo
novellopensuselibpoppler-glib8-debuginfo-32bitp-cpe:/a:novell:opensuse:libpoppler-glib8-debuginfo-32bit
Rows per page:
1-10 of 311

References

Related

openvas 44
nessus 41
suse 1
gentoo 1
osv 7
debian 6
fedora 21
ubuntu 4
mageia 6
redhatcve 11
cve 13
debiancve 11
ubuntucve 14
veracode 7
prion 11
freebsd 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:1662-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for poppler (openSUSE-SU-2018:1721-1)
2018-06-17 00:00:00
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2017-1259)
2020-01-23 00:00:00
nessus
nessus
SUSE SLED12 / SLES12 Security Update : poppler (SUSE-SU-2018:1662-1)
2018-06-13 00:00:00
EulerOS 2.0 SP1 : poppler (EulerOS-SA-2017-1259)
2017-11-01 00:00:00
EulerOS 2.0 SP2 : poppler (EulerOS-SA-2017-1260)
2017-11-01 00:00:00
suse
suse
Security update for poppler (moderate)
2018-06-16 15:10:22
gentoo
gentoo
Poppler: Multiple vulnerabilities
2018-04-08 00:00:00
osv
osv
poppler - security update
2017-11-18 00:00:00
poppler - security update
2018-01-07 00:00:00
poppler - security update
2017-09-27 00:00:00
debian
debian
[SECURITY] [DLA 1177-1] poppler security update
2017-11-18 18:27:50
[SECURITY] [DSA 4079-1] poppler security update
2018-01-07 20:52:14
[SECURITY] [DLA 1116-1] poppler security update
2017-09-27 20:57:03
fedora
fedora
[SECURITY] Fedora 26 Update: mingw-poppler-0.52.0-5.fc26
2017-10-25 23:18:04
[SECURITY] Fedora 25 Update: mingw-poppler-0.45.0-5.fc25
2017-10-25 21:23:29
[SECURITY] Fedora 27 Update: poppler-0.57.0-9.fc27
2018-06-01 12:21:33
ubuntu
ubuntu
poppler vulnerabilities
2017-10-06 00:00:00
poppler vulnerabilities
2018-01-08 00:00:00
poppler vulnerability
2017-10-30 00:00:00
mageia
mageia
Updated poppler packages fix security vulnerabilities
2017-10-19 21:14:02
Updated poppler packages fix security vulnerabilities
2017-10-05 23:37:56
Updated poppler packages fix security vulnerabilities
2017-11-06 11:22:52
redhatcve
redhatcve
CVE-2017-14977
2017-10-10 12:49:37
CVE-2017-14976
2017-10-10 12:49:52
CVE-2017-14975
2017-10-10 12:50:06
cve
cve
CVE-2017-14976
2017-10-02 01:29:00
CVE-2017-1000456
2018-01-02 18:29:00
CVE-2017-14518
2017-09-17 23:29:00
debiancve
debiancve
CVE-2017-14975
2017-10-02 01:29:00
CVE-2017-14518
2017-09-17 23:29:00
CVE-2017-14976
2017-10-02 01:29:00
ubuntucve
ubuntucve
CVE-2017-14975
2017-10-01 00:00:00
CVE-2017-14518
2017-09-17 00:00:00
CVE-2017-1000456
2018-01-02 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-06-08 09:27:29
Denial Of Service (DoS)
2018-06-08 11:21:44
Denial Of Service (DoS)
2018-05-08 08:22:01
prion
prion
Null pointer dereference
2017-09-17 23:29:00
Code injection
2017-09-17 23:29:00
Null pointer dereference
2017-10-02 01:29:00
freebsd
freebsd
poppler -- multiple denial of service issues
2017-06-21 00:00:00
JSON
Related for OPENSUSE-2018-648.NASL
openvas44nessus41suse1gentoo1osv7debian6fedora21ubuntu4mageia6redhatcve11cve13debiancve11ubuntucve14veracode7prion11freebsd1