Vulnerabilities > CVE-2012-2142

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
freedesktop
xpdfreader
redhat
opensuse
nessus
NVD
Published: 2020-01-09
Updated: 2020-01-15

Summary

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.

Vulnerable Configurations

Part Description Count
Application
Freedesktop
108
Application
Xpdfreader
1
OS
Redhat
2
OS
Opensuse
1

Nessus

  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2013-233-02.NASL
    descriptionNew xpdf packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id69432
    published2013-08-22
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/69432
    titleSlackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : xpdf (SSA:2013-233-02)
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Slackware Security Advisory 2013-233-02. The text 
# itself is copyright (C) Slackware Linux, Inc.
#

include("compat.inc");

if (description)
{
  script_id(69432);
  script_version("1.2");
  script_cvs_date("Date: 2020/01/16");

  script_cve_id("CVE-2012-2142");
  script_xref(name:"SSA", value:"2013-233-02");

  script_name(english:"Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : xpdf (SSA:2013-233-02)");
  script_summary(english:"Checks for updated package in /var/log/packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Slackware host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"New xpdf packages are available for Slackware 12.1, 12.2, 13.0, 13.1,
13.37, 14.0, and -current to fix a security issue."
  );
  # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.496284
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?aaf817e0"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected xpdf package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:xpdf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.37");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/08/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/22");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Slackware Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("slackware.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);


flag = 0;
if (slackware_check(osver:"12.1", pkgname:"xpdf", pkgver:"3.03", pkgarch:"i486", pkgnum:"1_slack12.1")) flag++;

if (slackware_check(osver:"12.2", pkgname:"xpdf", pkgver:"3.03", pkgarch:"i486", pkgnum:"1_slack12.2")) flag++;

if (slackware_check(osver:"13.0", pkgname:"xpdf", pkgver:"3.03", pkgarch:"i486", pkgnum:"1_slack13.0")) flag++;
if (slackware_check(osver:"13.0", arch:"x86_64", pkgname:"xpdf", pkgver:"3.03", pkgarch:"x86_64", pkgnum:"1_slack13.0")) flag++;

if (slackware_check(osver:"13.1", pkgname:"xpdf", pkgver:"3.03", pkgarch:"i486", pkgnum:"1_slack13.1")) flag++;
if (slackware_check(osver:"13.1", arch:"x86_64", pkgname:"xpdf", pkgver:"3.03", pkgarch:"x86_64", pkgnum:"1_slack13.1")) flag++;

if (slackware_check(osver:"13.37", pkgname:"xpdf", pkgver:"3.03", pkgarch:"i486", pkgnum:"1_slack13.37")) flag++;
if (slackware_check(osver:"13.37", arch:"x86_64", pkgname:"xpdf", pkgver:"3.03", pkgarch:"x86_64", pkgnum:"1_slack13.37")) flag++;

if (slackware_check(osver:"14.0", pkgname:"xpdf", pkgver:"3.03", pkgarch:"i486", pkgnum:"1_slack14.0")) flag++;
if (slackware_check(osver:"14.0", arch:"x86_64", pkgname:"xpdf", pkgver:"3.03", pkgarch:"x86_64", pkgnum:"1_slack14.0")) flag++;

if (slackware_check(osver:"current", pkgname:"xpdf", pkgver:"3.03", pkgarch:"i486", pkgnum:"3")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"xpdf", pkgver:"3.03", pkgarch:"x86_64", pkgnum:"3")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201310-03.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201310-03 (Poppler: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id70309
    published2013-10-07
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/70309
    titleGLSA-201310-03 : Poppler: Multiple vulnerabilities
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2013-233-03.NASL
    descriptionNew poppler packages are available for Slackware 14.0, and -current to fix a security issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id69433
    published2013-08-22
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/69433
    titleSlackware 14.0 / current : poppler (SSA:2013-233-03)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-17398.NASL
    descriptionFix icon issue in desktop file. Resolve CVE-2012-2142 poppler, xpdf: Insufficient sanitization of escape sequences in the error messages Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-10-01
    plugin id70238
    published2013-10-01
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/70238
    titleFedora 20 : xpdf-3.03-8.fc20 (2013-17398)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-17375.NASL
    descriptionFix icon issue in desktop file. Resolve CVE-2012-2142 poppler, xpdf: Insufficient sanitization of escape sequences in the error messages Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-10-01
    plugin id70236
    published2013-10-01
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/70236
    titleFedora 18 : xpdf-3.03-8.fc18 (2013-17375)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2013-662.NASL
    descriptionpoppler was updated to fix a security problem. PDF files could emit messages with terminal escape sequences which could be used to inject shell code if the user ran a PDF viewer from a terminal shell (CVE-2012-2142). Also a bug was fixed to avoid division by zero when using origpagesizes option (bnc#795582)
    last seen2020-06-05
    modified2014-06-13
    plugin id75126
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75126
    titleopenSUSE Security Update : poppler (openSUSE-SU-2013:1371-1)
  • NASL familyMisc.
    NASL idCITRIX_NETSCALER_ADC_MULTIPLE.NASL
    descriptionThe remote Citrix NetScaler version is affected by multiple vulnerabilities : - A denial of service vulnerability in the VM Virtual Machine Daemon. Please note that this particular vulnerability does not apply to Citrix NetScaler 10.1. (CVE-2013-6938) - A denial of service vulnerability in the Application Delivery Controller RADIUS authentication. (CVE-2013-6939) - An authenticated denial of service in the SNMP daemon. (CVE-2012-2142) - An unspecified authentication disclosure in the Application Delivery Controller. (CVE-2013-6940) - An unspecified shell breakout in the Application Delivery Controller firmware. (CVE-2013-6941) - An unspecified LDAP username injection vulnerability in the Application Delivery Controller. (CVE-2013-6943) - A cross-site scripting vulnerability in the AAA TM vServer user interface. (CVE-2013-6944)
    last seen2020-06-01
    modified2020-06-02
    plugin id73205
    published2014-03-26
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/73205
    titleCitrix NetScaler Application Delivery Controller Multiple Vulnerabilities
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_XPDF_20141120.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates.
    last seen2020-06-01
    modified2020-06-02
    plugin id80824
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80824
    titleOracle Solaris Third-Party Patch Update : xpdf (cve_2012_2142_arbitrary_code)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-17397.NASL
    descriptionFix icon issue in desktop file. Resolve CVE-2012-2142 poppler, xpdf: Insufficient sanitization of escape sequences in the error messages Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-10-01
    plugin id70237
    published2013-10-01
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/70237
    titleFedora 19 : xpdf-3.03-8.fc19 (2013-17397)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-15013.NASL
    descriptionThis update fixes a problem with escaping of error messages (CVE-2012-2142). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-09-04
    plugin id69772
    published2013-09-04
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69772
    titleFedora 18 : poppler-0.20.2-16.fc18 (2013-15013)

References