Your submission was sent successfully! Close

CVE-2017-14517

Published: 17 September 2017

In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
poppler
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(not reproducible)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [not reproducible])
Patches:
Upstream: https://cgit.freedesktop.org/poppler/poppler/commit/?id=476394e7a025e02e4897da2e765df2c895d0708f