CVE-2008-1693 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.8 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:P/I:P/A:P
canonical	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 91%

Vendor	Product	Version
poppler	poppler	𝑥 ≤ 0.7.3
poppler	poppler	0.1
poppler	poppler	0.1.1
poppler	poppler	0.1.2
poppler	poppler	0.2.0
poppler	poppler	0.3.0
poppler	poppler	0.3.1
poppler	poppler	0.3.2
poppler	poppler	0.3.3
poppler	poppler	0.4.0
poppler	poppler	0.4.1
poppler	poppler	0.4.2
poppler	poppler	0.4.3
poppler	poppler	0.4.4
poppler	poppler	0.5.0
poppler	poppler	0.5.1
poppler	poppler	0.5.2
poppler	poppler	0.5.3
poppler	poppler	0.5.4
poppler	poppler	0.5.9
poppler	poppler	0.5.91
poppler	poppler	0.6.0
poppler	poppler	0.6.1
poppler	poppler	0.6.2
poppler	poppler	0.6.3
poppler	poppler	0.6.4
poppler	poppler	0.7.0
poppler	poppler	0.7.1
poppler	poppler	0.7.2

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

poppler

bullseye (security)	20.09.0-3.1+deb11u1 fixed
bullseye	20.09.0-3.1+deb11u1 fixed
bookworm	22.12.0-2 fixed
sid	24.08.0-3 fixed
trixie	24.08.0-3 fixed

texlive-base

bullseye	2020.20210202-3 fixed
bookworm	2022.20230122-3 fixed
trixie	2024.20240829-2 fixed
sid	2024.20241102-1 fixed

texlive-bin

bullseye	2020.20200327.54578-7+deb11u1 fixed
bullseye (security)	2020.20200327.54578-7+deb11u2 fixed
bookworm	2022.20220321.62855-5.1+deb12u1 fixed
trixie	2024.20240313.70630+ds-4 fixed
sid	2024.20240313.70630+ds-5 fixed

xpdf

bullseye	3.04+git20210103-3 fixed
bookworm	3.04+git20220601-1 fixed
sid	3.04+git20240613-1 fixed
trixie	3.04+git20240613-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

gpdf

karmic	dne
jaunty	dne
intrepid	dne
hardy	dne
gutsy	dne
feisty	dne
edgy	ignored
dapper	ignored

ipe

karmic	not-affected
jaunty	not-affected
intrepid	not-affected
hardy	not-affected
gutsy	not-affected
feisty	not-affected
edgy	not-affected
dapper	not-affected

kdegraphics

karmic	not-affected
jaunty	not-affected
intrepid	not-affected
hardy	not-affected
gutsy	not-affected
feisty	not-affected
edgy	not-affected
dapper	not-affected

koffice

karmic	not-affected
jaunty	not-affected
intrepid	not-affected
hardy	Fixed 1:1.6.3-4ubuntu7 released
gutsy	Fixed 1:1.6.3-0ubuntu5.2 released
feisty	Fixed 1:1.6.2-0ubuntu1.3 released
edgy	Fixed 1:1.5.2-0ubuntu2.4 released
dapper	Fixed 1:1.5.0-0ubuntu9.4 released

libextractor

karmic	not-affected
jaunty	not-affected
intrepid	not-affected
hardy	not-affected
gutsy	ignored
feisty	ignored
edgy	ignored
dapper	ignored

pdfkit.framework

karmic	dne
jaunty	dne
intrepid	dne
hardy	dne
gutsy	dne
feisty	ignored
edgy	ignored
dapper	ignored

pdftohtml

karmic	dne
jaunty	dne
intrepid	dne
hardy	dne
gutsy	dne
feisty	ignored
edgy	ignored
dapper	ignored

poppler

karmic	not-affected
jaunty	not-affected
intrepid	not-affected
hardy	Fixed 0.6.4-1ubuntu1 released
gutsy	Fixed 0.6-0ubuntu2.2 released
feisty	Fixed 0.5.4-0ubuntu8.3 released
edgy	Fixed 0.5.4-0ubuntu4.4 released
dapper	Fixed 0.5.1-0ubuntu7.4 released

tetex-bin

karmic	dne
jaunty	dne
intrepid	dne
hardy	dne
gutsy	dne
feisty	not-affected
edgy	not-affected
dapper	not-affected

texlive-bin

karmic	not-affected
jaunty	not-affected
intrepid	not-affected
hardy	not-affected
gutsy	not-affected
feisty	not-affected
edgy	not-affected
dapper	dne

xpdf

karmic	not-affected
jaunty	not-affected
intrepid	not-affected
hardy	not-affected
gutsy	ignored
feisty	ignored
edgy	ignored
dapper	ignored

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html

http://secunia.com/advisories/29816

http://secunia.com/advisories/29834

http://secunia.com/advisories/29836

http://secunia.com/advisories/29851

http://secunia.com/advisories/29853

http://secunia.com/advisories/29868

http://secunia.com/advisories/29869

http://secunia.com/advisories/29884

http://secunia.com/advisories/29885

http://secunia.com/advisories/30019

http://secunia.com/advisories/30033

http://secunia.com/advisories/30717

http://secunia.com/advisories/31035

http://security.gentoo.org/glsa/glsa-200804-18.xml

http://securitytracker.com/id?1019893

http://www.debian.org/security/2008/dsa-1548

http://www.debian.org/security/2008/dsa-1606

http://www.mandriva.com/security/advisories?name=MDVSA-2008:089

http://www.mandriva.com/security/advisories?name=MDVSA-2008:173

http://www.mandriva.com/security/advisories?name=MDVSA-2008:197

http://www.novell.com/linux/security/advisories/2008_13_sr.html

http://www.redhat.com/support/errata/RHSA-2008-0238.html

http://www.redhat.com/support/errata/RHSA-2008-0239.html

http://www.redhat.com/support/errata/RHSA-2008-0240.html

http://www.redhat.com/support/errata/RHSA-2008-0262.html

http://www.securityfocus.com/bid/28830

http://www.ubuntu.com/usn/usn-603-1

http://www.ubuntu.com/usn/usn-603-2

http://www.vupen.com/english/advisories/2008/1265/references

http://www.vupen.com/english/advisories/2008/1266/references

https://exchange.xforce.ibmcloud.com/vulnerabilities/41884

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226

https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html

http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html

http://secunia.com/advisories/29816

http://secunia.com/advisories/29834

http://secunia.com/advisories/29836

http://secunia.com/advisories/29851

http://secunia.com/advisories/29853

http://secunia.com/advisories/29868

http://secunia.com/advisories/29869

http://secunia.com/advisories/29884

http://secunia.com/advisories/29885

http://secunia.com/advisories/30019

http://secunia.com/advisories/30033

http://secunia.com/advisories/30717

http://secunia.com/advisories/31035

http://security.gentoo.org/glsa/glsa-200804-18.xml

http://securitytracker.com/id?1019893

http://www.debian.org/security/2008/dsa-1548

http://www.debian.org/security/2008/dsa-1606

http://www.mandriva.com/security/advisories?name=MDVSA-2008:089

http://www.mandriva.com/security/advisories?name=MDVSA-2008:173

http://www.mandriva.com/security/advisories?name=MDVSA-2008:197

http://www.novell.com/linux/security/advisories/2008_13_sr.html

http://www.redhat.com/support/errata/RHSA-2008-0238.html

http://www.redhat.com/support/errata/RHSA-2008-0239.html

http://www.redhat.com/support/errata/RHSA-2008-0240.html

http://www.redhat.com/support/errata/RHSA-2008-0262.html

http://www.securityfocus.com/bid/28830

http://www.ubuntu.com/usn/usn-603-1

http://www.ubuntu.com/usn/usn-603-2

http://www.vupen.com/english/advisories/2008/1265/references

http://www.vupen.com/english/advisories/2008/1266/references

https://exchange.xforce.ibmcloud.com/vulnerabilities/41884

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226

https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html