5 matches found
CVE-2018-19060
An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path...
PT-2018-14774 · Poppler +4 · Poppler +4
Name of the Vulnerable Software and Affected Versions: Poppler version 0.71.0 Description: The issue is related to a NULL pointer dereference in the goo/GooString.h file. This can lead to a denial of service. The problem arises when the filename of an embedded file is not validated before...
PT-2018-14773 · Poppler +4 · Poppler +4
Name of the Vulnerable Software and Affected Versions: Poppler version 0.71.0 Description: The issue is related to an out-of-bounds read in the EmbFile::save2 function in FileSpec.cc. This can lead to a denial of service. The problem is demonstrated by the utils/pdfdetach.cc utility not validatin...
UBUNTU-CVE-2018-19058
An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file...
PT-2018-3707 · Poppler +5 · Poppler +5
Name of the Vulnerable Software and Affected Versions: Poppler version 0.71.0 Description: The issue is related to a reachable abort in Object.h, which can lead to a denial of service. This is because the EmbFile::save2 function in FileSpec.cc lacks a stream check before saving an embedded file...