ID CVE-2019-9631
Summary Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
References
Vulnerable Configurations
  • cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 23-07-2020 - 12:15)
Impact:
Exploitability:
CWE CWE-125
CAPEC
  • Infiltration of Hardware Development Environment
    An attacker, leveraging the ability to manipulate components of primary support systems and tools within the development and production environments, inserts malicious software within the hardware and/or firmware development environment. The infiltration purpose is to alter developed hardware components in a system destined for deployment at the victim's organization, for the purpose of disruption or further compromise.
  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1686802
    title CVE-2019-9631 poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment poppler is earlier than 0:0.26.5-38.el7
            oval oval:com.redhat.rhsa:tst:20192022001
          • comment poppler is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859002
        • AND
          • comment poppler-cpp is earlier than 0:0.26.5-38.el7
            oval oval:com.redhat.rhsa:tst:20192022003
          • comment poppler-cpp is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20162580004
        • AND
          • comment poppler-cpp-devel is earlier than 0:0.26.5-38.el7
            oval oval:com.redhat.rhsa:tst:20192022005
          • comment poppler-cpp-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20162580006
        • AND
          • comment poppler-demos is earlier than 0:0.26.5-38.el7
            oval oval:com.redhat.rhsa:tst:20192022007
          • comment poppler-demos is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20162580008
        • AND
          • comment poppler-devel is earlier than 0:0.26.5-38.el7
            oval oval:com.redhat.rhsa:tst:20192022009
          • comment poppler-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859004
        • AND
          • comment poppler-glib is earlier than 0:0.26.5-38.el7
            oval oval:com.redhat.rhsa:tst:20192022011
          • comment poppler-glib is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859006
        • AND
          • comment poppler-glib-devel is earlier than 0:0.26.5-38.el7
            oval oval:com.redhat.rhsa:tst:20192022013
          • comment poppler-glib-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859008
        • AND
          • comment poppler-qt is earlier than 0:0.26.5-38.el7
            oval oval:com.redhat.rhsa:tst:20192022015
          • comment poppler-qt is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859010
        • AND
          • comment poppler-qt-devel is earlier than 0:0.26.5-38.el7
            oval oval:com.redhat.rhsa:tst:20192022017
          • comment poppler-qt-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859012
        • AND
          • comment poppler-utils is earlier than 0:0.26.5-38.el7
            oval oval:com.redhat.rhsa:tst:20192022019
          • comment poppler-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859018
        • AND
          • comment okular is earlier than 0:4.10.5-7.el7
            oval oval:com.redhat.rhsa:tst:20192022021
          • comment okular is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192022022
        • AND
          • comment okular-devel is earlier than 0:4.10.5-7.el7
            oval oval:com.redhat.rhsa:tst:20192022023
          • comment okular-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192022024
        • AND
          • comment okular-libs is earlier than 0:4.10.5-7.el7
            oval oval:com.redhat.rhsa:tst:20192022025
          • comment okular-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192022026
        • AND
          • comment okular-part is earlier than 0:4.10.5-7.el7
            oval oval:com.redhat.rhsa:tst:20192022027
          • comment okular-part is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192022028
        • AND
          • comment evince is earlier than 0:3.28.2-8.el7
            oval oval:com.redhat.rhsa:tst:20192022029
          • comment evince is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110009002
        • AND
          • comment evince-browser-plugin is earlier than 0:3.28.2-8.el7
            oval oval:com.redhat.rhsa:tst:20192022031
          • comment evince-browser-plugin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20172388004
        • AND
          • comment evince-devel is earlier than 0:3.28.2-8.el7
            oval oval:com.redhat.rhsa:tst:20192022033
          • comment evince-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110009004
        • AND
          • comment evince-dvi is earlier than 0:3.28.2-8.el7
            oval oval:com.redhat.rhsa:tst:20192022035
          • comment evince-dvi is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110009006
        • AND
          • comment evince-libs is earlier than 0:3.28.2-8.el7
            oval oval:com.redhat.rhsa:tst:20192022037
          • comment evince-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110009008
        • AND
          • comment evince-nautilus is earlier than 0:3.28.2-8.el7
            oval oval:com.redhat.rhsa:tst:20192022039
          • comment evince-nautilus is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20172388012
    rhsa
    id RHSA-2019:2022
    released 2019-08-06
    severity Moderate
    title RHSA-2019:2022: poppler security, bug fix, and enhancement update (Moderate)
  • rhsa
    id RHSA-2019:2713
rpms
  • evince-0:3.28.2-8.el7
  • evince-browser-plugin-0:3.28.2-8.el7
  • evince-debuginfo-0:3.28.2-8.el7
  • evince-devel-0:3.28.2-8.el7
  • evince-dvi-0:3.28.2-8.el7
  • evince-libs-0:3.28.2-8.el7
  • evince-nautilus-0:3.28.2-8.el7
  • okular-0:4.10.5-7.el7
  • okular-debuginfo-0:4.10.5-7.el7
  • okular-devel-0:4.10.5-7.el7
  • okular-libs-0:4.10.5-7.el7
  • okular-part-0:4.10.5-7.el7
  • poppler-0:0.26.5-38.el7
  • poppler-cpp-0:0.26.5-38.el7
  • poppler-cpp-devel-0:0.26.5-38.el7
  • poppler-debuginfo-0:0.26.5-38.el7
  • poppler-demos-0:0.26.5-38.el7
  • poppler-devel-0:0.26.5-38.el7
  • poppler-glib-0:0.26.5-38.el7
  • poppler-glib-devel-0:0.26.5-38.el7
  • poppler-qt-0:0.26.5-38.el7
  • poppler-qt-devel-0:0.26.5-38.el7
  • poppler-utils-0:0.26.5-38.el7
  • poppler-0:0.66.0-11.el8_0.12
  • poppler-cpp-0:0.66.0-11.el8_0.12
  • poppler-cpp-debuginfo-0:0.66.0-11.el8_0.12
  • poppler-cpp-devel-0:0.66.0-11.el8_0.12
  • poppler-debuginfo-0:0.66.0-11.el8_0.12
  • poppler-debugsource-0:0.66.0-11.el8_0.12
  • poppler-devel-0:0.66.0-11.el8_0.12
  • poppler-glib-0:0.66.0-11.el8_0.12
  • poppler-glib-debuginfo-0:0.66.0-11.el8_0.12
  • poppler-glib-devel-0:0.66.0-11.el8_0.12
  • poppler-qt5-0:0.66.0-11.el8_0.12
  • poppler-qt5-debuginfo-0:0.66.0-11.el8_0.12
  • poppler-qt5-devel-0:0.66.0-11.el8_0.12
  • poppler-utils-0:0.66.0-11.el8_0.12
  • poppler-utils-debuginfo-0:0.66.0-11.el8_0.12
refmap via4
fedora
  • FEDORA-2019-13ba3be562
  • FEDORA-2019-14040bfa27
  • FEDORA-2019-d04944813d
misc https://gitlab.freedesktop.org/poppler/poppler/issues/736
mlist
  • [debian-lts-announce] 20190408 [SECURITY] [DLA 1752-1] poppler security update
  • [debian-lts-announce] 20200723 [SECURITY] [DLA 2287-1] poppler security update
ubuntu USN-4042-1
Last major update 23-07-2020 - 12:15
Published 08-03-2019 - 05:29
Last modified 23-07-2020 - 12:15
Back to Top