Poppler < 0.56.0 Multiple Vulnerabilities

high Nessus Plugin ID 101167

Synopsis

A package installed on the remote host is affected by multiple vulnerabilities.

Description

The version of Poppler installed on the remote host is prior to 0.56.0. It is, therefore, affected by multiple vulnerabilities :

- A stack-based overflow condition exists in the getColor() function in GfxState.cc due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, by convincing a user to open a specially crafted PDF document, to crash the process, resulting in a denial of service condition.
(CVE-2017-9775)

- An integer overflow condition exists in the combine() function in JBIG2Stream.cc due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, by convincing a user to open a specially crafted PDF document, to cause a denial of service condition or the execution of arbitrary code.
(CVE-2017-9775)

Solution

Upgrade to Poppler version 0.56.0 or later.

See Also

https://bugs.freedesktop.org/show_bug.cgi?id=101540

https://bugs.freedesktop.org/show_bug.cgi?id=101541

Plugin Details

Severity: High

ID: 101167

File Name: poppler_0_56.nasl

Version: 1.10

Type: local

Agent: unix, macosx

Family: Misc.

Published: 6/30/2017

Updated: 4/21/2020

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS Score Source: CVE-2017-9776

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:freedesktop:poppler

Required KB Items: Host/local_checks_enabled

Exploit Ease: No known exploits are available

Patch Publication Date: 6/22/2017

Vulnerability Publication Date: 6/20/2017

Reference Information

CVE: CVE-2017-9775, CVE-2017-9776

BID: 99240, 99241