Published: 02/06/2017 Updated: 03/10/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows malicious users to cause a denial of service via a crafted file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freedesktop poppler 0.54.0
debian debian linux 9.0
debian debian linux 8.0

poppler could be made to crash or run programs as your login if it opened a specially crafted file ...

Multiple vulnerabilities were discovered in the poppler PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file is processed For the oldstable distribution (jessie), these problems have been fixed in version 0265-2+deb8u2 For the stable distribution (stretch), these problems have ...

Debian Bug report logs - #865679 poppler: CVE-2017-9776: integer overflow leading to heap buffer overflow in JBIG2Streamcc via a crafted PDF document Package: src:poppler; Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso ...

Debian Bug report logs - #863759 poppler: CVE-2017-7511 Package: src:poppler; Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 31 May 2017 06:09:02 UTC Severity: normal Tags: fixed-u ...

Debian Bug report logs - #867477 poppler: CVE-2017-9865 stack-based overflow leading to denial-of-service Package: poppler; Maintainer for poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>; Reported by: Antoine Beaupre <anarcat@orangeseedsorg> Date: Thu, 6 Jul 2017 1 ...

Debian Bug report logs - #865680 poppler: CVE-2017-9775: stack buffer overflow in GfxStatecc Package: src:poppler; Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 23 Jun 2017 17:27: ...

Debian Bug report logs - #864009 poppler: CVE-2017-9408: memory leak in Object::initArray Package: src:poppler; Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 3 Jun 2017 03:09:01 U ...

Debian Bug report logs - #864010 poppler: CVE-2017-9406: memory leak parsing XRef entries Package: src:poppler; Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 3 Jun 2017 03:15:02 U ...

In Poppler 0540, a memory leak vulnerability was found in the function gmalloc in gmemcc, which allows attackers to cause a denial of service via a crafted file ...

CWE-772 https://bugs.freedesktop.org/show_bug.cgi?id=100775 https://www.debian.org/security/2018/dsa-4079 https://security.gentoo.org/glsa/201801-17 https://usn.ubuntu.com/3350-1/https://nvd.nist.gov

Get Started

CVE-2017-9406

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect