There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freedesktop poppler |
||
canonical ubuntu linux 14.04 |
||
debian debian linux 8.0 |
||
redhat ansible tower 3.3 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux workstation 7.0 |