CVE-2019-7310 - In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::ge

CVE-2019-7310

Summary

In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo.

References

Vulnerable Configurations

cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 03-05-2022 - 14:49)
Impact:
Exploitability:

CWE

CWE-681

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

redhat via4

advisories

rhsa
id RHSA-2019:2022
rhsa
id RHSA-2019:2713

rpms

evince-0:3.28.2-8.el7
evince-browser-plugin-0:3.28.2-8.el7
evince-debuginfo-0:3.28.2-8.el7
evince-devel-0:3.28.2-8.el7
evince-dvi-0:3.28.2-8.el7
evince-libs-0:3.28.2-8.el7
evince-nautilus-0:3.28.2-8.el7
okular-0:4.10.5-7.el7
okular-debuginfo-0:4.10.5-7.el7
okular-devel-0:4.10.5-7.el7
okular-libs-0:4.10.5-7.el7
okular-part-0:4.10.5-7.el7
poppler-0:0.26.5-38.el7
poppler-cpp-0:0.26.5-38.el7
poppler-cpp-devel-0:0.26.5-38.el7
poppler-debuginfo-0:0.26.5-38.el7
poppler-demos-0:0.26.5-38.el7
poppler-devel-0:0.26.5-38.el7
poppler-glib-0:0.26.5-38.el7
poppler-glib-devel-0:0.26.5-38.el7
poppler-qt-0:0.26.5-38.el7
poppler-qt-devel-0:0.26.5-38.el7
poppler-utils-0:0.26.5-38.el7
poppler-0:0.66.0-11.el8_0.12
poppler-cpp-0:0.66.0-11.el8_0.12
poppler-cpp-debuginfo-0:0.66.0-11.el8_0.12
poppler-cpp-devel-0:0.66.0-11.el8_0.12
poppler-debuginfo-0:0.66.0-11.el8_0.12
poppler-debugsource-0:0.66.0-11.el8_0.12
poppler-devel-0:0.66.0-11.el8_0.12
poppler-glib-0:0.66.0-11.el8_0.12
poppler-glib-debuginfo-0:0.66.0-11.el8_0.12
poppler-glib-devel-0:0.66.0-11.el8_0.12
poppler-qt5-0:0.66.0-11.el8_0.12
poppler-qt5-debuginfo-0:0.66.0-11.el8_0.12
poppler-qt5-devel-0:0.66.0-11.el8_0.12
poppler-utils-0:0.66.0-11.el8_0.12
poppler-utils-debuginfo-0:0.66.0-11.el8_0.12

refmap via4

bid	106829
fedora	FEDORA-2019-8b5e704a73
misc	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797 https://gitlab.freedesktop.org/poppler/poppler/issues/717
mlist	[debian-lts-announce] 20190308 [SECURITY] [DLA 1706-1] poppler security update [debian-lts-announce] 20201108 [SECURITY] [DLA 2440-1] poppler security update
ubuntu	USN-3886-1

Last major update

03-05-2022 - 14:49

Published

03-02-2019 - 03:29

Last modified

03-05-2022 - 14:49