Vulnerabilities > CVE-2017-9865 - Out-of-bounds Read vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 2 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Overread Buffers An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
Nessus
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4042-1.NASL description It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 126375 published 2019-07-01 reporter Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126375 title Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : poppler vulnerabilities (USN-4042-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-4042-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(126375); script_version("1.3"); script_cvs_date("Date: 2020/01/08"); script_cve_id("CVE-2017-9865", "CVE-2018-18897", "CVE-2018-20662", "CVE-2019-10018", "CVE-2019-10019", "CVE-2019-10021", "CVE-2019-10023", "CVE-2019-10872", "CVE-2019-10873", "CVE-2019-12293", "CVE-2019-9200", "CVE-2019-9631", "CVE-2019-9903"); script_xref(name:"USN", value:"4042-1"); script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : poppler vulnerabilities (USN-4042-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/4042-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpoppler58"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpoppler73"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpoppler79"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpoppler85"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:poppler-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.04"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/06/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(16\.04|18\.04|18\.10|19\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04 / 18.04 / 18.10 / 19.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"16.04", pkgname:"libpoppler58", pkgver:"0.41.0-0ubuntu1.14")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"poppler-utils", pkgver:"0.41.0-0ubuntu1.14")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"libpoppler73", pkgver:"0.62.0-2ubuntu2.9")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"poppler-utils", pkgver:"0.62.0-2ubuntu2.9")) flag++; if (ubuntu_check(osver:"18.10", pkgname:"libpoppler79", pkgver:"0.68.0-0ubuntu1.7")) flag++; if (ubuntu_check(osver:"18.10", pkgname:"poppler-utils", pkgver:"0.68.0-0ubuntu1.7")) flag++; if (ubuntu_check(osver:"19.04", pkgname:"libpoppler85", pkgver:"0.74.0-0ubuntu1.2")) flag++; if (ubuntu_check(osver:"19.04", pkgname:"poppler-utils", pkgver:"0.74.0-0ubuntu1.2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpoppler58 / libpoppler73 / libpoppler79 / libpoppler85 / etc"); }NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1074.NASL description Several buffer and integer overflow issues were discovered in Poppler, a PDF library, that could lead to application crash or possibly other unspecified impact via maliciously crafted files. For Debian 7 last seen 2020-03-17 modified 2017-08-30 plugin id 102823 published 2017-08-30 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102823 title Debian DLA-1074-1 : poppler security update code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DLA-1074-1. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(102823); script_version("3.7"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-4473", "CVE-2013-4474", "CVE-2017-9775", "CVE-2017-9776", "CVE-2017-9865"); script_bugtraq_id(63368, 63374); script_name(english:"Debian DLA-1074-1 : poppler security update"); script_summary(english:"Checks dpkg output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security update." ); script_set_attribute( attribute:"description", value: "Several buffer and integer overflow issues were discovered in Poppler, a PDF library, that could lead to application crash or possibly other unspecified impact via maliciously crafted files. For Debian 7 'Wheezy', these problems have been fixed in version 0.18.4-6+deb7u2. We recommend that you upgrade your poppler packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2017/08/msg00025.html" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/wheezy/poppler" ); script_set_attribute(attribute:"solution", value:"Upgrade the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gir1.2-poppler-0.18"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpoppler-cpp-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpoppler-cpp0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpoppler-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpoppler-glib-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpoppler-glib8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpoppler-private-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpoppler-qt4-3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpoppler-qt4-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpoppler19"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:poppler-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:poppler-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0"); script_set_attribute(attribute:"patch_publication_date", value:"2017/08/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"7.0", prefix:"gir1.2-poppler-0.18", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"libpoppler-cpp-dev", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"libpoppler-cpp0", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"libpoppler-dev", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"libpoppler-glib-dev", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"libpoppler-glib8", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"libpoppler-private-dev", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"libpoppler-qt4-3", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"libpoppler-qt4-dev", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"libpoppler19", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"poppler-dbg", reference:"0.18.4-6+deb7u2")) flag++; if (deb_check(release:"7.0", prefix:"poppler-utils", reference:"0.18.4-6+deb7u2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201801-17.NASL description The remote host is affected by the vulnerability described in GLSA-201801-17 (Poppler: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by enticing a user to open a specially crafted PDF, could execute arbitrary code or cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 106116 published 2018-01-18 reporter This script is Copyright (C) 2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/106116 title GLSA-201801-17 : Poppler: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201801-17. # # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(106116); script_version("3.3"); script_cvs_date("Date: 2018/06/07 13:15:38"); script_cve_id("CVE-2017-2820", "CVE-2017-7511", "CVE-2017-9083", "CVE-2017-9406", "CVE-2017-9408", "CVE-2017-9865"); script_xref(name:"GLSA", value:"201801-17"); script_name(english:"GLSA-201801-17 : Poppler: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201801-17 (Poppler: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by enticing a user to open a specially crafted PDF, could execute arbitrary code or cause a Denial of Service condition. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201801-17" ); script_set_attribute( attribute:"solution", value: "All Poppler users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-text/poppler-0.57.0-r1'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:poppler"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2018/01/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"app-text/poppler", unaffected:make_list("ge 0.57.0-r1"), vulnerable:make_list("lt 0.57.0-r1"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Poppler"); }NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4079.NASL description Multiple vulnerabilities were discovered in the poppler PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file is processed. last seen 2020-06-01 modified 2020-06-02 plugin id 105623 published 2018-01-08 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105623 title Debian DSA-4079-1 : poppler - security update code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-4079. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(105623); script_version("3.8"); script_cvs_date("Date: 2019/03/15 10:28:27"); script_cve_id("CVE-2017-14517", "CVE-2017-14518", "CVE-2017-14519", "CVE-2017-14520", "CVE-2017-14975", "CVE-2017-14976", "CVE-2017-14977", "CVE-2017-15565", "CVE-2017-9406", "CVE-2017-9408", "CVE-2017-9775", "CVE-2017-9776", "CVE-2017-9865"); script_xref(name:"DSA", value:"4079"); script_name(english:"Debian DSA-4079-1 : poppler - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Multiple vulnerabilities were discovered in the poppler PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file is processed." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/poppler" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/jessie/poppler" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/stretch/poppler" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4079" ); script_set_attribute( attribute:"solution", value: "Upgrade the poppler packages. For the oldstable distribution (jessie), these problems have been fixed in version 0.26.5-2+deb8u2. For the stable distribution (stretch), these problems have been fixed in version 0.48.0-2+deb9u1." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:poppler"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/02"); script_set_attribute(attribute:"patch_publication_date", value:"2018/01/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/08"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"8.0", prefix:"gir1.2-poppler-0.18", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-cpp-dev", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-cpp0", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-dev", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-glib-dev", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-glib-doc", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-glib8", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-private-dev", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-qt4-4", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-qt4-dev", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-qt5-1", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler-qt5-dev", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"libpoppler46", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"poppler-dbg", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"8.0", prefix:"poppler-utils", reference:"0.26.5-2+deb8u2")) flag++; if (deb_check(release:"9.0", prefix:"gir1.2-poppler-0.18", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-cpp-dev", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-cpp0v5", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-dev", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-glib-dev", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-glib-doc", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-glib8", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-private-dev", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-qt4-4", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-qt4-dev", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-qt5-1", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler-qt5-dev", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libpoppler64", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"poppler-dbg", reference:"0.48.0-2+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"poppler-utils", reference:"0.48.0-2+deb9u1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Fedora Local Security Checks NASL id FEDORA_2017-93868169A0.NASL description This update fixes multiple security vulnerabilities (CVE-2017-7515, CVE-2017-9775, CVE-2017-9776, CVE-2017-9865). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-08-11 plugin id 102397 published 2017-08-11 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102397 title Fedora 24 : mingw-poppler (2017-93868169a0) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-648.NASL description This update for poppler fixes the following issues : These security issues were fixed : - CVE-2017-14517: Prevent NULL pointer dereference in the XRef::parseEntry() function via a crafted PDF document (bsc#1059066). - CVE-2017-9865: Fixed a stack-based buffer overflow vulnerability in GfxState.cc that would have allowed attackers to facilitate a denial-of-service attack via specially crafted PDF documents. (bsc#1045939) - CVE-2017-14518: Remedy a floating point exception in isImageInterpolationRequired() that could have been exploited using a specially crafted PDF document. (bsc#1059101) - CVE-2017-14520: Remedy a floating point exception in Splash::scaleImageYuXd() that could have been exploited using a specially crafted PDF document. (bsc#1059155) - CVE-2017-14617: Fixed a floating point exception in Stream.cc, which may lead to a potential attack when handling malicious PDF files. (bsc#1060220) - CVE-2017-14928: Fixed a NULL pointer dereference in AnnotRichMedia::Configuration::Configuration() in Annot.cc, which may lead to a potential attack when handling malicious PDF files. (bsc#1061092) - CVE-2017-14975: Fixed a NULL pointer dereference vulnerability, that existed because a data structure in FoFiType1C.cc was not initialized, which allowed an attacker to launch a denial of service attack. (bsc#1061263) - CVE-2017-14976: Fixed a heap-based buffer over-read vulnerability in FoFiType1C.cc that occurred when an out-of-bounds font dictionary index was encountered, which allowed an attacker to launch a denial of service attack. (bsc#1061264) - CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the FoFiTrueType::getCFFBlock() function in FoFiTrueType.cc that occurred due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. (bsc#1061265) - CVE-2017-15565: Prevent NULL pointer dereference in the GfxImageColorMap::getGrayLine() function via a crafted PDF document (bsc#1064593). - CVE-2017-1000456: Validate boundaries in TextPool::addWord to prevent overflows in subsequent calculations (bsc#1074453). This update was imported from the SUSE:SLE-12-SP2:Update update project. last seen 2020-06-05 modified 2018-06-18 plugin id 110592 published 2018-06-18 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110592 title openSUSE Security Update : poppler (openSUSE-2018-648) NASL family Fedora Local Security Checks NASL id FEDORA_2017-5112220E59.NASL description - various flaws: CVE-2017-7515 CVE-2017-9775 CVE-2017-9776 CVE-2017-9865 ---- - CVE-2017-9406 CVE-2017-9408 various memory leak flaws Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-07-17 plugin id 101633 published 2017-07-17 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/101633 title Fedora 26 : poppler (2017-5112220e59) NASL family Fedora Local Security Checks NASL id FEDORA_2017-9FA2CEFA7A.NASL description This update fixes multiple security vulnerabilities (CVE-2017-7515, CVE-2017-9775, CVE-2017-9776, CVE-2017-9865). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-07-28 plugin id 102028 published 2017-07-28 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102028 title Fedora 25 : mingw-poppler (2017-9fa2cefa7a) NASL family Fedora Local Security Checks NASL id FEDORA_2017-BBB664E0A0.NASL description This update fixes multiple security vulnerabilities (CVE-2017-7515, CVE-2017-9775, CVE-2017-9776, CVE-2017-9865). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-07-28 plugin id 102029 published 2017-07-28 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102029 title Fedora 26 : mingw-poppler (2017-bbb664e0a0) NASL family Fedora Local Security Checks NASL id FEDORA_2017-7EAEC3353D.NASL description - various flaws: CVE-2017-7515 CVE-2017-9775 CVE-2017-9776 CVE-2017-9865 ---- - CVE-2017-9406 CVE-2017-9408 various memory leak flaws Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-07-19 plugin id 101796 published 2017-07-19 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/101796 title Fedora 25 : poppler (2017-7eaec3353d) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_ECA2D86176F442ED89D223A2CB396C87.NASL description Poppler developers report : Poppler is prone to a stack-based buffer-overflow vulnerability. Successful exploits may allow attackers to crash the affected application, resulting in denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. last seen 2020-06-01 modified 2020-06-02 plugin id 102725 published 2017-08-24 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102725 title FreeBSD : poppler -- multiple denial of service issues (eca2d861-76f4-42ed-89d2-23a2cb396c87) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-1662-1.NASL description This update for poppler fixes the following issues: These security issues were fixed : - CVE-2017-14517: Prevent NULL pointer dereference in the XRef::parseEntry() function via a crafted PDF document (bsc#1059066). - CVE-2017-9865: Fixed a stack-based buffer overflow vulnerability in GfxState.cc that would have allowed attackers to facilitate a denial-of-service attack via specially crafted PDF documents. (bsc#1045939) - CVE-2017-14518: Remedy a floating point exception in isImageInterpolationRequired() that could have been exploited using a specially crafted PDF document. (bsc#1059101) - CVE-2017-14520: Remedy a floating point exception in Splash::scaleImageYuXd() that could have been exploited using a specially crafted PDF document. (bsc#1059155) - CVE-2017-14617: Fixed a floating point exception in Stream.cc, which may lead to a potential attack when handling malicious PDF files. (bsc#1060220) - CVE-2017-14928: Fixed a NULL pointer dereference in AnnotRichMedia::Configuration::Configuration() in Annot.cc, which may lead to a potential attack when handling malicious PDF files. (bsc#1061092) - CVE-2017-14975: Fixed a NULL pointer dereference vulnerability, that existed because a data structure in FoFiType1C.cc was not initialized, which allowed an attacker to launch a denial of service attack. (bsc#1061263) - CVE-2017-14976: Fixed a heap-based buffer over-read vulnerability in FoFiType1C.cc that occurred when an out-of-bounds font dictionary index was encountered, which allowed an attacker to launch a denial of service attack. (bsc#1061264) - CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the FoFiTrueType::getCFFBlock() function in FoFiTrueType.cc that occurred due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. (bsc#1061265) - CVE-2017-15565: Prevent NULL pointer dereference in the GfxImageColorMap::getGrayLine() function via a crafted PDF document (bsc#1064593). - CVE-2017-1000456: Validate boundaries in TextPool::addWord to prevent overflows in subsequent calculations (bsc#1074453). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 110512 published 2018-06-13 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110512 title SUSE SLED12 / SLES12 Security Update : poppler (SUSE-SU-2018:1662-1)