Skip to main content

Poppler CVE-2017-7511

MEDIUM
NULL Pointer Dereference (CWE-476)
2017-05-30 secalert@redhat.com
5.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
May 30, 2017 - 18:29 cve.org
MEDIUM 5.5

DescriptionCVE.org

poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.

AnalysisAI

poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified as NULL Pointer Dereference (CWE-476), which allows attackers to crash the application by dereferencing a null pointer. poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents. Affected products include: Freedesktop Poppler. Version information: version 0.17.3.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Check pointers before dereferencing. Use static analysis tools to detect null pointer paths.

CVE-2013-4474 MEDIUM POC
5.0 Nov 23

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote

CVE-2017-2820 HIGH POC
8.8 Jul 12

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Pop

CVE-2017-15565 HIGH POC
8.8 Oct 17

In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via

CVE-2019-12293 HIGH POC
8.8 May 23

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with

CVE-2019-10872 HIGH POC
8.8 Apr 05

An issue was discovered in Poppler 0.74.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, n

CVE-2019-9545 HIGH POC
8.8 Mar 01

An issue was discovered in Poppler 0.74.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, n

CVE-2019-9543 HIGH POC
8.8 Mar 01

An issue was discovered in Poppler 0.74.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, n

CVE-2019-9200 HIGH POC
8.8 Feb 26

A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for exa

CVE-2013-4473 HIGH POC
7.5 Nov 23

Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote

CVE-2017-14518 HIGH POC
7.8 Sep 17

In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a c

CVE-2017-14520 HIGH POC
7.8 Sep 17

In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a poten

CVE-2022-38784 HIGH POC
7.8 Aug 30

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg

Share

CVE-2017-7511 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy