Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown

CVE-2018-19059

Disclosure Date: November 07, 2018 (last updated November 27, 2024)
An issue was discovered in Poppler 0.71.0. There is a out-of-bounds read in EmbFile::save2 in FileSpec.cc, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating embedded files before save attempts.
0
0
Attacker Value
Unknown

CVE-2018-19060

Disclosure Date: November 07, 2018 (last updated November 27, 2024)
An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.
0
0
Attacker Value
Unknown

CVE-2018-19058

Disclosure Date: November 07, 2018 (last updated November 27, 2024)
An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-18897

Disclosure Date: November 02, 2018 (last updated November 27, 2024)
An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0