AVG-326

Package poppler
Status Fixed
Severity High
Type arbitrary code execution
Affected 0.55.0-3
Fixed 0.56.0-1
Current 0.61.1-1 [extra]
Ticket None
Created Fri Jun 23 03:13:49 2017
Issue Severity Remote Type Description
CVE-2017-9776 High Yes Arbitrary code execution
Integer overflow leading to heap overflow in JBIG2Stream.cc.
CVE-2017-9775 Medium Yes Arbitrary code execution
A stack buffer overflow in has been found in GfxState.cc's module of poppler. Due to some restrictions in the lines after the bug, an attacker can't control...
Date Advisory Package Description
26 Jun 2017 ASA-201706-33 poppler arbitrary code execution
References
https://bugs.freedesktop.org/show_bug.cgi?id=101541
https://bugs.freedesktop.org/show_bug.cgi?id=101540