- Vulnerability/
- USN-4042-1
USN-4042-1: poppler vulnerabilities
First published: Thu Jun 27 2019(Updated: )
It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service, or possibly execute arbitrary code
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libpoppler85 | <0.74.0-0ubuntu1.2 | 0.74.0-0ubuntu1.2 |
| =19.04 | ||
| All of | ||
| ubuntu/poppler-utils | <0.74.0-0ubuntu1.2 | 0.74.0-0ubuntu1.2 |
| =19.04 | ||
| All of | ||
| ubuntu/libpoppler79 | <0.68.0-0ubuntu1.7 | 0.68.0-0ubuntu1.7 |
| =18.10 | ||
| All of | ||
| ubuntu/poppler-utils | <0.68.0-0ubuntu1.7 | 0.68.0-0ubuntu1.7 |
| =18.10 | ||
| All of | ||
| ubuntu/libpoppler73 | <0.62.0-2ubuntu2.9 | 0.62.0-2ubuntu2.9 |
| =18.04 | ||
| All of | ||
| ubuntu/poppler-utils | <0.62.0-2ubuntu2.9 | 0.62.0-2ubuntu2.9 |
| =18.04 | ||
| All of | ||
| ubuntu/libpoppler58 | <0.41.0-0ubuntu1.14 | 0.41.0-0ubuntu1.14 |
| =16.04 | ||
| All of | ||
| ubuntu/poppler-utils | <0.41.0-0ubuntu1.14 | 0.41.0-0ubuntu1.14 |
| =16.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2017-9865
- https://ubuntu.com/security/CVE-2018-18897
- https://ubuntu.com/security/CVE-2018-20662
- https://ubuntu.com/security/CVE-2019-10018
- https://ubuntu.com/security/CVE-2019-10019
- https://ubuntu.com/security/CVE-2019-10021
- https://ubuntu.com/security/CVE-2019-10023
- https://ubuntu.com/security/CVE-2019-10872
- https://ubuntu.com/security/CVE-2019-10873
- https://ubuntu.com/security/CVE-2019-12293
- https://ubuntu.com/security/CVE-2019-9200
- https://ubuntu.com/security/CVE-2019-9631
- https://ubuntu.com/security/CVE-2019-9903
- https://ubuntu.com/security/notices/{'id': 'USN-3905-1', 'packages': 'libpoppler-private-dev, poppler, libpoppler-glib8, libpoppler-cpp0, libpoppler44, libpoppler-qt5-1, libpoppler-qt5-dev, libpoppler-cpp-dev, libpoppler-qt4-dev, libpoppler-cpp0v5, libpoppler-glib-dev, gir1.2-poppler-0.18, libpoppler-qt4-4, libpoppler58, libpoppler73, libpoppler79, libpoppler-glib-doc, poppler-utils, libpoppler-dev'}
- https://launchpad.net/ubuntu/+source/poppler/0.74.0-0ubuntu1.2
- https://launchpad.net/ubuntu/+source/poppler/0.68.0-0ubuntu1.7
- https://launchpad.net/ubuntu/+source/poppler/0.62.0-2ubuntu2.9
- https://launchpad.net/ubuntu/+source/poppler/0.41.0-0ubuntu1.14
- https://ubuntu.com/security/notices/USN-4042-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID for this advisory?
The vulnerability ID for this advisory is USN-4042-1.
What is the affected software in this vulnerability?
The affected software in this vulnerability is libpoppler85, poppler-utils, libpoppler79, libpoppler73, libpoppler58, and poppler-utils.
Is there a possibility of arbitrary code execution?
Yes, if a user or automated system opens a crafted PDF file, an attacker could possibly execute arbitrary code.
How can this vulnerability be exploited?
This vulnerability can be exploited by tricking a user or automated system into opening a crafted PDF file.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability in the following references: [link1], [link2], [link3].
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/title
- agent/description
- agent/event
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/references
- agent/tags
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/19.04
- version/ubuntu ubuntu/18.10
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04