20 matches found
Oracle Linux 7 : GNOME (ELSA-2018-3140)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3140 advisory. - Backport upstream patch for CVE-2018-12910 - Crash in soupcookiejar.c: getcookies on empty hostnames - Security fix for CVE-2018-15120 - Fix crash wh...
Mageia: Security Advisory (MGASA-2018-0290)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : poppler (ALAS-2019-1217)
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h. A crafted input will lead to a remote denial of service attack. Poppler versions later than 0.41.0 are not affected.CVE-2018-10768 The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler allows...
CentOS Update for gdm CESA-2018:3140 centos7
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : poppler (ALAS-2018-1110)
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h. A crafted input will lead to a remote denial of service attack.CVE-2018-10768 The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler allows remote attackers to cause a denial of service infinite...
Low: poppler
Issue Overview: There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h. A crafted input will lead to a remote denial of service attack.CVE-2018-10768 The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler allows remote attackers to cause a denial of...
Scientific Linux Security Update : GNOME on SL7.x x86_64 (20181030)
Security Fixes : - libsoup: Crash in soupcookiejar.c:getcookies on empty hostnames CVE-2018-12910 - poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph function allows denial of service CVE-2017-18267 - libgxps: heap based buffer over read in ftfontfacehash function of...
CentOS 7 : PackageKit / accountsservice / adwaita-icon-theme / appstream-data / at-spi2-atk / etc (CESA-2018:3140)
An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links ...
PackageKit, accountsservice, adwaita, appstream, at, atk, baobab, bolt, brasero, cairo, cheese, clutter, compat, control, dconf, devhelp, ekiga, empathy, eog, evince, evolution, file, flatpak, folks, fontconfig, freetype, fribidi, fwupd, fwupdate, gcr, gdk, gdm, gedit, geoclue2, geocode, gjs, glade, glib, glib2, glibmm24, gnome, gnote, gobject, gom, google, grilo, gsettings, gspell, gssdp, gstreamer1, gtk, gtk3, gtksourceview3, gucharmap, gupnp, gvfs, harfbuzz, json, libappstream, libchamplain, libcroco, libgdata, libgee, libgepub, libgexiv2, libgnomekbd, libgovirt, libgtop2, libgweather, libgxps, libical, libmediaart, libosinfo, libpeas, librsvg2, libsecret, libsoup, libwayland, libwnck3, mozjs52, mutter, nautilus, openchange, osinfo, pango, poppler, python2, rest, rhythmbox, seahorse, shotwell, sushi, totem, upower, vala, valadoc, vino, vte, vte291, wayland, webkitgtk4, xdg, yelp, zenity security update
CentOS Errata and Security Advisory CESA-2018:3140 An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Debian: Security Advisory (DLA-1562-2)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1562-1] poppler security update
Package : poppler Version : 0.26.5-2+deb8u5 CVE ID : CVE-2017-18267 CVE-2018-10768 CVE-2018-13988 CVE-2018-16646 Debian Bug : 898357 909802 Various security issues were discovered in the poppler PDF rendering shared library. CVE-2017-18267 The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc i...
EulerOS 2.0 SP3 : poppler (EulerOS-SA-2018-1226)
According to the version of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input...
Updated poppler packages fix security vulnerability
The updated packages fix security vulnerabilities: The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a crafted PDF file, as demonstrated by pdftops. CVE-2017-18267 There is a NULL pointer...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : poppler vulnerabilities (USN-3647-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3647-1 advisory. It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this to cause a denial of...
USN-3647-1 poppler vulnerabilities
It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this to cause a denial of service. CVE-2017-18267 It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this to cause a denial of service. This issue...
USN-3647-1: poppler vulnerabilities
It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this to cause a denial of service. CVE-2017-18267 It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this to cause a denial of service. This issue...
CVE-2018-10768
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected...
CVE-2018-10768
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected...
CVE-2018-10768
CVE-2018-10768 describes a NULL pointer dereference in Poppler’s AnnotPath::getCoordsLength (Annot.h) affecting Ubuntu’s Poppler 0.24.5. A crafted input can cause a remote denial of service. Multiple connected advisories note that later Poppler versions (e.g., 0.41.0) are not affected. Related do...
CVE-2018-10768
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected...