CVE-2013-1789
Published: 28 February 2013
splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.
Notes
| Author | Note |
|---|---|
| mdeslaur | reproducers: 1031.pdf.asan.48.15, 1007.pdf.asan.48.4 |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
poppler Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
| lucid |
Released
(0.12.4-0ubuntu5.3)
|
|
| oneiric |
Released
(0.16.7-2ubuntu2.1)
|
|
| precise |
Released
(0.18.4-1ubuntu3.1)
|
|
| quantal |
Released
(0.20.4-0ubuntu1.2)
|
|
| upstream |
Released
(0.22.1)
|
|
|
Patches: upstream: http://cgit.freedesktop.org/poppler/poppler/commit/?id=a205e71a2dbe0c8d4f4905a76a3f79ec522eacec upstream: http://cgit.freedesktop.org/poppler/poppler/commit/?id=a9b8ab4657dec65b8b86c225d12c533ad7e984e2 |
||