ID CVE-2018-20751
Summary An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference.
References
Vulnerable Configurations
  • cpe:2.3:a:podofo_project:podofo:0.9.6
    cpe:2.3:a:podofo_project:podofo:0.9.6
CVSS
Base: 6.8
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
NASL family Fedora Local Security Checks
NASL id FEDORA_2019-6CC827B7A1.NASL
description This update backports a fix for CVE-2018-20751. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen 2019-02-21
modified 2019-02-19
plugin id 122280
published 2019-02-19
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=122280
title Fedora 29 : mingw-podofo / podofo (2019-6cc827b7a1)
refmap via4
misc
Last major update 04-02-2019 - 14:29
Published 04-02-2019 - 14:29
Last modified 08-02-2019 - 16:45
Back to Top