REDHAT-BUG-917108
First published: Fri Mar 01 2013(Updated: )
A number of invalid memory access flaws were reported in poppler (fixed in version 0.22.1): - Fix invalid memory access in 1150.pdf.asan.8.69 [1]. - Fix invalid memory access in 2030.pdf.asan.69.463 [2]. - Fix another invalid memory access in 1091.pdf.asan.72.42 [3]. - Fix invalid memory accesses in 1091.pdf.asan.72.42 [4]. - Fix invalid memory accesses in 1036.pdf.asan.23.17 [5]. [1] <a href="http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=8b6dc55e530b2f5ede6b9dfb64aafdd1d5836492">http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=8b6dc55e530b2f5ede6b9dfb64aafdd1d5836492</a> [2] <a href="http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=e14b6e9c13d35c9bd1e0c50906ace8e707816888">http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=e14b6e9c13d35c9bd1e0c50906ace8e707816888</a> [3] <a href="http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=0388837f01bc467045164f9ddaff787000a8caaa">http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=0388837f01bc467045164f9ddaff787000a8caaa</a> [4] <a href="http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=957aa252912cde85d76c41e9710b33425a82b696">http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=957aa252912cde85d76c41e9710b33425a82b696</a> [5] <a href="http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=bbc2d8918fe234b7ef2c480eb148943922cc0959">http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=bbc2d8918fe234b7ef2c480eb148943922cc0959</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Poppler Data | <0.22.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=8b6dc55e530b2f5ede6b9dfb64aafdd1d5836492
- http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=e14b6e9c13d35c9bd1e0c50906ace8e707816888
- http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=0388837f01bc467045164f9ddaff787000a8caaa
- http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=957aa252912cde85d76c41e9710b33425a82b696
- http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=bbc2d8918fe234b7ef2c480eb148943922cc0959
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=917113
- https://access.redhat.com/security/cve/CVE-2013-1789
- https://access.redhat.com/security/updates/classification/
- https://bugzilla.redhat.com/show_bug.cgi?id=917108
Frequently Asked Questions
What is the severity of REDHAT-BUG-917108?
The severity of REDHAT-BUG-917108 is categorized as high due to the presence of invalid memory access flaws that can lead to potential security vulnerabilities.
How do I fix REDHAT-BUG-917108?
To fix REDHAT-BUG-917108, upgrade to version 0.22.1 of the Freedesktop poppler software or later.
What are the impacts of not addressing REDHAT-BUG-917108?
Failing to address REDHAT-BUG-917108 may leave systems vulnerable to memory access issues that could be exploited by attackers.
Which versions of poppler are affected by REDHAT-BUG-917108?
Versions of poppler prior to 0.22.1 are affected by REDHAT-BUG-917108.
Is there any known exploit for REDHAT-BUG-917108?
As of now, there are no specific known exploits reported for REDHAT-BUG-917108, but the invalid memory access could be leveraged in attacks.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-1788
- agent/references
- agent/severity
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/freedesktop
- canonical/poppler data