First published: Fri Apr 05 2019(Updated: )
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
freedesktop poppler | =0.74.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-10871 is a vulnerability in Poppler 0.74.0 that allows for a heap-based buffer over-read.
The severity of CVE-2019-10871 is medium, with a severity value of 6.5.
CVE-2019-10871 affects Poppler 0.74.0, specifically in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
To fix CVE-2019-10871, update to a version of Poppler that is not affected by this vulnerability.
More information about CVE-2019-10871 can be found at the following references: http://www.securityfocus.com/bid/107862, https://access.redhat.com/errata/RHSA-2019:2713, https://gitlab.freedesktop.org/poppler/poppler/issues/751.