PT-2013-3394 · Poppler+1 · Poppler+1

Vincent Danen

·

Publicado

2013-04-02

·

Atualizado

2024-06-15

·

CVE-2013-1788

CVSS v2.0

6.8

Média

VetorAV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions poppler versions prior to 0.22.1
Description The issue allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger an "invalid memory access" in files such as splash/Splash.cc, poppler/Function.cc, and poppler/Stream.cc.
Recommendations For versions prior to 0.22.1, update to version 0.22.1 or later to resolve the issue.

Exploit

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2013-1788
DSA-2719-1
OPENSUSE-SU-2024:10360-1
SUSE-SU-2013_0595-1
SUSE-SU-2013_0596-1

Produtos afetados

Suse
Poppler