Published: 09/01/2020 Updated: 15/01/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The error function in Error.cc in poppler prior to 0.21.4 allows remote malicious users to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freedesktop poppler
xpdfreader xpdf 3.02
redhat enterprise linux 5.0
redhat enterprise linux 6.0
opensuse opensuse 12.2

Debian Bug report logs - #487773 poppler: un-sanitized error messages (CVE-2012-2142) Package: src:poppler; Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>; Reported by: Daniel Kahn Gillmor <dkg@fifthhorsemannet> Date: Tue, 24 Jun 2008 01:12:01 UT ...

NVD-CWE-Other http://www.openwall.com/lists/oss-security/2013/08/09/5 https://bugzilla.redhat.com/show_bug.cgi?id=789936 http://www.openwall.com/lists/oss-security/2013/08/09/6 http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40 http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487773 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2142

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect