vendor:
poppler_utils
by:
Hamm3r.py
7.8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: poppler_utils
Affected Version From: 0.41.0
Affected Version To: 0.57.0-2ubuntu4.2
Patch Exists: YES
Related CWE: N/A
CPE: a:poppler:poppler_utils
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: Ubuntu
2018
PDFunite Malformed pdf buffer overflow
pdfunite is a part of poppler package in ubuntu. pdfunite is prone to a local bufferoverflow when a malformed pdf is used to unite with another pdf. Following is the gdb stack trace: Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault.
Mitigation:
Ensure that all PDF files are validated before being used with pdfunite.
