The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3120 advisory.

  - An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in     GfxState.cc, as demonstrated by pdftocairo. (CVE-2018-18897)

  - An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of     service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.
    (CVE-2018-19058)

  - A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service     due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in     FileSpec.cc) in pdfdetach. (CVE-2018-20650)

  - An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function     SplashOutputDev::tilingPatternFill at SplashOutputDev.cc. (CVE-2019-14494)

  - PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in     the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted     pdf file to the pdfunite binary. (CVE-2019-9903)

  - The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream     length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the     heap, with a size controlled by an attacker, as demonstrated by pdftocairo. (CVE-2019-9959)

  - A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could     exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would     crash the application causing a denial of service. (CVE-2020-27778)

  - A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of     Service (DoS) via a crafted PDF file. (CVE-2022-27337)

  - Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder     (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2     image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability     described by CVE-2022-38171 in Xpdf. (CVE-2022-38784)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Debian DLA-3120-1 : poppler - LTS security update

high Nessus Plugin ID 165449

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.7 Oct 10, 2023, 4:16 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202310101616
Version 1.6 Oct 6, 2023, 10:25 AM IAVM reference Plugin Feed: 202310061025
Version 1.5 Nov 21, 2022, 8:42 PM IAVM reference Plugin Feed: 202211212042
Version 1.4 Nov 21, 2022, 6:04 PM IAVM reference Plugin Feed: 202211211804
Version 1.3 Oct 14, 2022, 9:50 AM STIG Severity IAVM reference Plugin Feed: 202210140950