CVE-2018-20662
03.01.2019, 13:29
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| freedesktop | poppler | 0.72.0 |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_eus | 8.1 |
| redhat | enterprise_linux_eus | 8.2 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_eus | 8.6 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 8.2 |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_server_aus | 8.6 |
| redhat | enterprise_linux_server_tus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.4 |
| redhat | enterprise_linux_server_tus | 8.6 |
| redhat | enterprise_linux_workstation | 7.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libpoppler-cpp0 |
| ||||||||||||||
| libpoppler-devel |
| ||||||||||||||
| libpoppler-glib-devel |
| ||||||||||||||
| libpoppler-glib8 |
| ||||||||||||||
| libpoppler-qt4-4 |
| ||||||||||||||
| libpoppler60 |
| ||||||||||||||
| libpoppler73 |
| ||||||||||||||
| poppler-tools |
| ||||||||||||||
| typelib-1_0-Poppler-0_18 |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||||
|---|---|---|---|---|---|---|---|
| evince |
| ||||||
| evince-browser-plugin |
| ||||||
| evince-devel |
| ||||||
| evince-dvi |
| ||||||
| evince-libs |
| ||||||
| evince-nautilus |
| ||||||
| okular |
| ||||||
| okular-devel |
| ||||||
| okular-libs |
| ||||||
| okular-part |
| ||||||
| poppler |
| ||||||
| poppler-cpp |
| ||||||
| poppler-cpp-devel |
| ||||||
| poppler-demos |
| ||||||
| poppler-devel |
| ||||||
| poppler-glib |
| ||||||
| poppler-glib-devel |
| ||||||
| poppler-qt |
| ||||||
| poppler-qt-devel |
| ||||||
| poppler-qt5 |
| ||||||
| poppler-qt5-devel |
| ||||||
| poppler-utils |
|
Common Weakness Enumeration
References