Lucene search

[email protected]CVE-2013-1789

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-1789

2022-10-0316:14:47

[email protected]

web.nvd.nist.gov

cve-2013-1789

poppler

denial of service

null pointer dereference

crash

vulnerability

security

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.

Affected configurations

NVD

Node

freedesktoppopplerRange≤0.22.0

CPENameOperatorVersion
freedesktop:popplerfreedesktop popplerle0.22.0

CPE	Name	Operator	Version
freedesktop:poppler	freedesktop poppler	le	0.22.0

References

cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=a205e71a2dbe0c8d4f4905a76a3f79ec522eacec

cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=a9b8ab4657dec65b8b86c225d12c533ad7e984e2

j00ru.vexillium.org/?p=1507

lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html

lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html

secunia.com/advisories/52846

ubuntu.com/usn/usn-1785-1

www.openwall.com/lists/oss-security/2013/02/28/4

www.openwall.com/lists/oss-security/2013/02/28/8

bugzilla.redhat.com/show_bug.cgi?id=917109

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Related for CVE-2013-1789

nvd1 cvelist1 prion1 debiancve1 ubuntucve1 nessus8 openvas13 securityvulns2 ubuntu1 fedora4 gentoo1