Format string

2013-11-2311:55:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.303 Low

EPSS

Percentile

96.8%

JSON

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.

CPENameOperatorVersion
ubuntu_linuxeq12.04
ubuntu_linuxeq15.10
ubuntu_linuxeq14.04
popplereq0.16.4
popplereq0.12.1
popplereq0.14.3
popplereq0.11.0
popplereq0.16.7
popplereq0.23.1
popplereq0.10.2

Name	Operator	Version
ubuntu_linux	eq	12.04
ubuntu_linux	eq	15.10
ubuntu_linux	eq	14.04
poppler	eq	0.16.4
poppler	eq	0.12.1
poppler	eq	0.14.3
poppler	eq	0.11.0
poppler	eq	0.16.7
poppler	eq	0.23.1
poppler	eq	0.10.2