Debian LTS Advisory ([SECURITY] [DLA 1815-1] poppler security update)

Published: 2019-06-07 02:00:09
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Summary:
The remote host is missing an update for the 'poppler' Linux Distribution Package(s) announced via the DSA-1815-1 advisory.

Detection Method:
Checks if a vulnerable Linux Distribution Package version is present on the target host.

Technical Details:
Several vulnerabilities have been found in the poppler PDF rendering library, which could result in denial of service or possibly other unspecified impact when processing malformed or maliciously crafted files.

Affected Versions:
'poppler' Linux Distribution Package(s) on Debian Linux.

Recommendations:
For Debian 8 'Jessie', these problems have been fixed in version 0.26.5-2+deb8u10. We recommend that you upgrade your poppler Linux Distribution Packages.

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2019-10872
https://nvd.nist.gov/vuln/detail/CVE-2019-12293
https://nvd.nist.gov/vuln/detail/CVE-2019-12360

References:

https://lists.debian.org/debian-lts-announce/2019/06/msg00002.html
https://security-tracker.debian.org/tracker/DLA-1815-1

Search
Severity
Medium
CVSS Score
6.8

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.