4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.006 Low
EPSS
Percentile
79.2%
splash/Splash.cc in poppler before 0.22.1 allows context-dependent
attackers to cause a denial of service (NULL pointer dereference and crash)
via vectors related to the (1) Splash::arbitraryTransformMask, (2)
Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.
Author | Note |
---|---|
mdeslaur | reproducers: 1031.pdf.asan.48.15, 1007.pdf.asan.48.4 |
j00ru.vexillium.org/?p=1507
www.openwall.com/lists/oss-security/2013/02/28/4
www.openwall.com/lists/oss-security/2013/02/28/8
launchpad.net/bugs/cve/CVE-2013-1789
nvd.nist.gov/vuln/detail/CVE-2013-1789
security-tracker.debian.org/tracker/CVE-2013-1789
ubuntu.com/security/notices/USN-1785-1
www.cve.org/CVERecord?id=CVE-2013-1789