In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document. (CVE-2017-14517) In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop). (CVE-2017-14519) In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files. (CVE-2017-14520)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | poppler | <Â 0.26.5-2.4 | poppler-0.26.5-2.4.mga5 |
Mageia | 6 | noarch | poppler | <Â 0.52.0-3.2 | poppler-0.52.0-3.2.mga6 |