5

CVE-2013-4474

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version15.10
FreedesktopPoppler Version <= 0.24.1
FreedesktopPoppler Version0.1
FreedesktopPoppler Version0.1.1
FreedesktopPoppler Version0.1.2
FreedesktopPoppler Version0.2.0
FreedesktopPoppler Version0.3.0
FreedesktopPoppler Version0.3.1
FreedesktopPoppler Version0.3.2
FreedesktopPoppler Version0.3.3
FreedesktopPoppler Version0.4.0
FreedesktopPoppler Version0.4.1
FreedesktopPoppler Version0.4.2
FreedesktopPoppler Version0.4.3
FreedesktopPoppler Version0.4.4
FreedesktopPoppler Version0.5.0
FreedesktopPoppler Version0.5.1
FreedesktopPoppler Version0.5.2
FreedesktopPoppler Version0.5.3
FreedesktopPoppler Version0.5.4
FreedesktopPoppler Version0.5.9
FreedesktopPoppler Version0.5.90
FreedesktopPoppler Version0.5.91
FreedesktopPoppler Version0.6.0
FreedesktopPoppler Version0.6.1
FreedesktopPoppler Version0.6.2
FreedesktopPoppler Version0.6.3
FreedesktopPoppler Version0.6.4
FreedesktopPoppler Version0.7.0
FreedesktopPoppler Version0.7.1
FreedesktopPoppler Version0.7.2
FreedesktopPoppler Version0.7.3
FreedesktopPoppler Version0.8.0
FreedesktopPoppler Version0.8.1
FreedesktopPoppler Version0.8.2
FreedesktopPoppler Version0.8.3
FreedesktopPoppler Version0.8.4
FreedesktopPoppler Version0.8.5
FreedesktopPoppler Version0.8.6
FreedesktopPoppler Version0.8.7
FreedesktopPoppler Version0.9.0
FreedesktopPoppler Version0.9.1
FreedesktopPoppler Version0.9.2
FreedesktopPoppler Version0.9.3
FreedesktopPoppler Version0.10.0
FreedesktopPoppler Version0.10.1
FreedesktopPoppler Version0.10.2
FreedesktopPoppler Version0.10.3
FreedesktopPoppler Version0.10.4
FreedesktopPoppler Version0.10.5
FreedesktopPoppler Version0.10.6
FreedesktopPoppler Version0.10.7
FreedesktopPoppler Version0.11.0
FreedesktopPoppler Version0.11.1
FreedesktopPoppler Version0.11.2
FreedesktopPoppler Version0.11.3
FreedesktopPoppler Version0.12.0
FreedesktopPoppler Version0.12.1
FreedesktopPoppler Version0.12.2
FreedesktopPoppler Version0.12.3
FreedesktopPoppler Version0.12.4
FreedesktopPoppler Version0.13.0
FreedesktopPoppler Version0.13.1
FreedesktopPoppler Version0.13.2
FreedesktopPoppler Version0.13.3
FreedesktopPoppler Version0.13.4
FreedesktopPoppler Version0.14.0
FreedesktopPoppler Version0.14.1
FreedesktopPoppler Version0.14.2
FreedesktopPoppler Version0.14.3
FreedesktopPoppler Version0.14.4
FreedesktopPoppler Version0.14.5
FreedesktopPoppler Version0.15.0
FreedesktopPoppler Version0.15.1
FreedesktopPoppler Version0.15.2
FreedesktopPoppler Version0.15.3
FreedesktopPoppler Version0.16.0
FreedesktopPoppler Version0.16.1
FreedesktopPoppler Version0.16.2
FreedesktopPoppler Version0.16.3
FreedesktopPoppler Version0.16.4
FreedesktopPoppler Version0.16.5
FreedesktopPoppler Version0.16.6
FreedesktopPoppler Version0.16.7
FreedesktopPoppler Version0.17.0
FreedesktopPoppler Version0.17.1
FreedesktopPoppler Version0.17.2
FreedesktopPoppler Version0.17.3
FreedesktopPoppler Version0.17.4
FreedesktopPoppler Version0.18.0
FreedesktopPoppler Version0.18.1
FreedesktopPoppler Version0.18.2
FreedesktopPoppler Version0.18.3
FreedesktopPoppler Version0.18.4
FreedesktopPoppler Version0.19.0
FreedesktopPoppler Version0.19.1
FreedesktopPoppler Version0.19.2
FreedesktopPoppler Version0.19.3
FreedesktopPoppler Version0.19.4
FreedesktopPoppler Version0.20.0
FreedesktopPoppler Version0.20.1
FreedesktopPoppler Version0.20.2
FreedesktopPoppler Version0.20.3
FreedesktopPoppler Version0.20.4
FreedesktopPoppler Version0.20.5
FreedesktopPoppler Version0.21.0
FreedesktopPoppler Version0.21.1
FreedesktopPoppler Version0.21.2
FreedesktopPoppler Version0.21.3
FreedesktopPoppler Version0.21.4
FreedesktopPoppler Version0.22.0
FreedesktopPoppler Version0.22.1
FreedesktopPoppler Version0.22.2
FreedesktopPoppler Version0.22.3
FreedesktopPoppler Version0.22.4
FreedesktopPoppler Version0.23.0
FreedesktopPoppler Version0.23.1
FreedesktopPoppler Version0.23.2
FreedesktopPoppler Version0.23.3
FreedesktopPoppler Version0.23.4
FreedesktopPoppler Version0.24.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.48% 0.952
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://bugs.debian.org/723124
http://secunia.com/advisories/56567
http://security.gentoo.org/glsa/glsa-201401-21.xml
http://www.openwall.com/lists/oss-security/2013/10/29/1
http://www.ubuntu.com/usn/USN-2958-1
https://bugs.freedesktop.org/show_bug.cgi?id=69434
Vendor Advisory
http://cgit.freedesktop.org/poppler/poppler/commit/?id=61f79b8447c3ac8ab5a26e79e0c28053ffdccf75
Vendor Advisory
http://www.securityfocus.com/bid/63374