PT-2018-14836 · Poppler+4 · Poppler+4

Publicado

2018-11-10

Atualizado

2023-07-20

CVE-2018-19149

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Poppler versions prior to 0.70.0

Description The issue is related to a NULL pointer dereference in the poppler attachment new function when called from poppler annot file attachment get attachment.

Recommendations For versions prior to 0.70.0, update to version 0.70.0 or later to resolve the issue.

Exploit

Correção

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

CESA-2019_2022

CVE-2018-19149

MGASA-2018-0498

OPENSUSE-SU-2021:3854-1

OPENSUSE-SU-2021_3854-1

RHSA-2019:2022

RHSA-2019_2022

SUSE-SU-2021:3854-1

SUSE-SU-2023:2906-1

SUSE-SU-2023:2907-1

USN-3837-1

USN-3837-2

Produtos afetados

Centos

Poppler

Red Hat

Suse

Ubuntu

PT-2018-14836 · Poppler+4 · Poppler+4

CVE-2018-19149

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 171