CVE-2018-20481
CVE-2018-20481
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2019:2022https://access.redhat.com/errata/RHSA-2019:2713https://gitlab.freedesktop.org/poppler/poppler/issues/692https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143https://lists.debian.org/debian-lts-announce/2019/03/msg00008.htmlhttps://lists.debian.org/debian-lts-announce/2020/07/msg00018.htmlhttps://usn.ubuntu.com/3865-1/http://www.securityfocus.com/bid/106321