FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

poppler -- multiple denial of service issues

Affected packages
poppler < 0.56.0

Details

VuXML ID eca2d861-76f4-42ed-89d2-23a2cb396c87
Discovery 2017-06-21
Entry 2017-08-24

Poppler developers report:

Poppler is prone to a stack-based buffer-overflow vulnerability.

Successful exploits may allow attackers to crash the affected application, resulting in denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.

References

CVE Name CVE-2017-9775
CVE Name CVE-2017-9865
URL http://www.securityfocus.com/bid/99241/discuss