CVE-2019-9200

Description

A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Risk Information

Base Score: 8.8 MODERATE
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score (Exploitation Probability): 5.298

Associated Vulnerability

Vulnerability | OS Platform
(RHSA-2019:2713) poppler security update poppler-0.66.0-11.el8_0.12.i686.rpm | Linux
(RHSA-2019:2713) poppler security update poppler-0.66.0-11.el8_0.12.x86_64.rpm | Linux
(RHSA-2019:2713) poppler security update poppler-debugsource-0.66.0-11.el8_0.12.i686.rpm | Linux
(RHSA-2019:2713) poppler security update poppler-debugsource-0.66.0-11.el8_0.12.x86_64.rpm | Linux
(RHSA-2019:2713) poppler security update poppler-glib-0.66.0-11.el8_0.12.i686.rpm | Linux
(RHSA-2019:2713) poppler security update poppler-glib-0.66.0-11.el8_0.12.x86_64.rpm | Linux
(RHSA-2019:2713) poppler security update poppler-utils-0.66.0-11.el8_0.12.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update evince-3.28.2-8.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update evince-browser-plugin-3.28.2-8.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update evince-devel-3.28.2-8.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update evince-devel-3.28.2-8.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update evince-dvi-3.28.2-8.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update evince-libs-3.28.2-8.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update evince-libs-3.28.2-8.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update evince-nautilus-3.28.2-8.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update okular-4.10.5-7.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update okular-devel-4.10.5-7.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update okular-devel-4.10.5-7.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update okular-libs-4.10.5-7.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update okular-libs-4.10.5-7.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update okular-part-4.10.5-7.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-0.26.5-38.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-0.26.5-38.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-cpp-0.26.5-38.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-cpp-0.26.5-38.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-cpp-devel-0.26.5-38.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-cpp-devel-0.26.5-38.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-demos-0.26.5-38.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-devel-0.26.5-38.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-devel-0.26.5-38.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-glib-0.26.5-38.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-glib-0.26.5-38.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-glib-devel-0.26.5-38.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-glib-devel-0.26.5-38.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-qt-0.26.5-38.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-qt-0.26.5-38.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-qt-devel-0.26.5-38.el7.i686.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-qt-devel-0.26.5-38.el7.x86_64.rpm | Linux
(RHSA-2019:2022) poppler security, bug fix, and enhancement update poppler-utils-0.26.5-38.el7.x86_64.rpm | Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234