Freedesktop » Poppler : Security Vulnerabilities, CVEs, Published In 2013 (Code Execution)
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.
Max CVSS
7.5
EPSS Score
6.39%
Published
2013-11-23
Updated
2016-05-18
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.
Max CVSS
6.8
EPSS Score
1.60%
Published
2013-04-09
Updated
2014-01-28
2 vulnerabilities found