Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-2950 — Code Injection in Poppler

CWE-94 — Code Injection9 documents9 sources

Severity

7.5HIGHNVD

EPSS

12.3%

top 6.11%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Freedesktop Poppler Poppler

Timeline

PublishedJul 7

Latest updateMay 1

Description

The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶Debianfreedesktop/poppler< 0.8.4-1.1+3

▶NVDpoppler/poppler0.8.4

🔴Vulnerability Details

GHSA

GHSA-wx8f-9362-6rfq: The Page destructor in Page↗2022-05-01

▶

OSV

CVE-2008-2950: The Page destructor in Page↗2008-07-07

▶

CVEList

CVE-2008-2950: The Page destructor in Page↗2008-07-07

▶

💥Exploits & PoCs

Exploit-DB

Poppler 0.8.4 - libpoppler Uninitialized pointer Code Execution↗2008-07-08

▶

📋Vendor Advisories

Ubuntu

poppler vulnerability↗2008-07-28

▶

Red Hat

poppler: uninitialized pointer free (oCERT-2008-007)↗2008-07-07

▶

Debian

CVE-2008-2950: poppler - The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier delete...↗2008

▶

💬Community

Bugzilla

CVE-2008-2950 poppler: uninitialized pointer free (oCERT-2008-007)↗2008-07-07

▶