A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

  • Published Date: Tuesday 26th of February 2019 06:29:00 PM
  • Modified Date: Saturday 6th of April 2019 06:29:00 PM
  • Download Mageni's Vulnerability Scanning Platform.

    No credit card is required to download the Free Edition. Register now.