Download
| Alert*
|
oval:org.secpod.oval:def:2102912
poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents. oval:org.secpod.oval:def:89044959 This update for poppler fixes the following issues: - CVE-2017-9406: Fixed a memory leak that occurred while parsing invalid XRef attributes . - CVE-2017-9083: Fixed a memory leak that occurred when the parser tried to recover from a broken input file oval:org.secpod.oval:def:51840 poppler: PDF rendering library poppler could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:2001091 poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash when parsing an invalid PDF file. oval:org.secpod.oval:def:703694 poppler: PDF rendering library poppler could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:112460 MinGW Windows Poppler library. oval:org.secpod.oval:def:112462 MinGW Windows Poppler library. |
