Astra Linux - уязвимость в poppler

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

EUVD-2018-10607

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-9959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it...

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion due to unscaled-face == NULL assertion failure for cairoftunscaledfontfini in cairo-ft-font.c. An attacker with local access could crash the system by processing a specially crafted PDF file with pdftocairo...

SUSE CVE-2017-9775

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service application crash via a crafted PDF document...

SUSE CVE-2017-9776

Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document...

SUSE CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

SUSE CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

Mageia: Security Advisory (MGASA-2017-0329)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated poppler packages fix security vulnerabilities

The updated packages fix security vulnerabilities: The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an...

poppler: integer overflow in JPXStream::init function leading to memory consumption

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

Integer overflow

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

UBUNTU-CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

Denial Of Service

libpoppler.so is susceptible to denial of service DoS. The lack of proper memory handling for negative XRef indices in the function XRef::getEntry in XRef.cc leads to huge integer overflow, allowing an attacker to crash the process using a malicious PDF input to pdftocairo...

Heap overflow

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...