CVSS Base Vector:
The remote host is missing an update for the 'poppler'
Linux Distribution Package(s) announced via the DSA-1963-1 advisory.
Checks if a vulnerable Linux Distribution Package version is present on the target host.
Two buffer allocation issues were identified in poppler.
An unexpected negative length value can cause an integer
overflow, which in turn making it possible to allocate a large
memory chunk on the heap with size controlled by an attacker.
The RGB data are considered CMYK data and hence it reads 4 bytes
instead of 3 bytes at the end of the image. The fixed version
defines SPLASH_CMYK which is the upstream recommended solution.
'poppler' Linux Distribution Package(s) on Debian Linux.
For Debian 8 'Jessie', these problems have been fixed in version
We recommend that you upgrade your poppler Linux Distribution Packages.
Linux Distribution Package
Debian Local Security Checks
Find and Fix this Vulnerability:
Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: Download Mageni's Free Edition
NVD CVE ID: