CVE-2013-4474
published 2013-11-23CVE-2013-4474: Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service…
PriorityP431medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
10.48%
95.2th percentile
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
Affected
129 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | poppler | < poppler 0.18.4-9 (bookworm) | poppler 0.18.4-9 (bookworm) |
| freedesktop | poppler | <= 0.24.1 | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv7.5HIGH
vendor_ubuntu7.5HIGH
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7f6f-5883-mmhm: Format string vulnerability in the extractPages function in utils/pdfseparate
ghsa_unreviewed·2022-05-17
CVE-2013-4474 [MEDIUM] CWE-20 GHSA-7f6f-5883-mmhm: Format string vulnerability in the extractPages function in utils/pdfseparate
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
OSV
poppler vulnerabilities
osv·2016-05-02·CVSS 7.5
CVE-2013-4473 [HIGH] poppler vulnerabilities
poppler vulnerabilities
It was discovered that the poppler pdfseparate tool incorrectly handled
certain filenames. A local attacker could use this issue to cause the tool
to crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only applied to Ubuntu 12.04 LTS. (CVE-2013-4473,
CVE-2013-4474)
It was discovered that poppler incorrectly parsed certain malformed PDF
documents. If a user or automated system were tricked into opening a
crafted PDF file, an attacker could cause a denial of service or possibly
execute arbitrary code with privileges of the user invoking the program.
(CVE-2015-8868)
OSV
CVE-2013-4474: Format string vulnerability in the extractPages function in utils/pdfseparate
osv·2013-11-23·CVSS 5.0
CVE-2013-4474 [MEDIUM] CVE-2013-4474: Format string vulnerability in the extractPages function in utils/pdfseparate
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
Ubuntu
poppler vulnerabilities
vendor_ubuntu·2016-05-02·CVSS 7.5
CVE-2013-4473 [HIGH] poppler vulnerabilities
Title: poppler vulnerabilities
Summary: poppler could be made to crash or run programs if it opened a specially
crafted file.
It was discovered that the poppler pdfseparate tool incorrectly handled
certain filenames. A local attacker could use this issue to cause the tool
to crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only applied to Ubuntu 12.04 LTS. (CVE-2013-4473,
CVE-2013-4474)
It was discovered that poppler incorrectly parsed certain malformed PDF
documents. If a user or automated system were tricked into opening a
crafted PDF file, an attacker could cause a denial of service or possibly
execute arbitrary code with privileges of the user invoking the program.
(CVE-2015-8868)
Instructions: In general, a standard system update will make al
Red Hat
poppler: format string flaw in pdfseparate utility
vendor_redhat·2013-10-26·CVSS 5.0
CVE-2013-4474 [MEDIUM] poppler: format string flaw in pdfseparate utility
poppler: format string flaw in pdfseparate utility
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
Statement: Not Vulnerable. This issue does not affect the version of poppler as shipped with Red Hat Enterprise Linux 5 and 6.
Package: poppler (Red Hat Enterprise Linux 5) - Not affected
Package: poppler (Red Hat Enterprise Linux 6) - Not affected
Package: poppler (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2013-4474: poppler - Format string vulnerability in the extractPages function in utils/pdfseparate.cc...
vendor_debian·2013·CVSS 5.0
CVE-2013-4474 [MEDIUM] CVE-2013-4474: poppler - Format string vulnerability in the extractPages function in utils/pdfseparate.cc...
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
Scope: local
bookworm: resolved (fixed in 0.18.4-9)
bullseye: resolved (fixed in 0.18.4-9)
forky: resolved (fixed in 0.18.4-9)
sid: resolved (fixed in 0.18.4-9)
trixie: resolved (fixed in 0.18.4-9)
No detection rules found.
Bugzilla
CVE-2013-4472 CVE-2013-4473 CVE-2013-4474 poppler: various flaws [fedora-all]
bugzilla·2013-10-30·CVSS 3.3
CVE-2013-4472 [LOW] CVE-2013-4472 CVE-2013-4473 CVE-2013-4474 poppler: various flaws [fedora-all]
CVE-2013-4472 CVE-2013-4473 CVE-2013-4474 poppler: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue aff
Bugzilla
CVE-2013-4474 poppler: format string flaw in pdfseparate utility
bugzilla·2013-10-30·CVSS 5.0
CVE-2013-4474 [MEDIUM] CVE-2013-4474 poppler: format string flaw in pdfseparate utility
CVE-2013-4474 poppler: format string flaw in pdfseparate utility
Poppler was found to have a user controlled format string vulnerability because it fails to sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition.
The issue is said to be fixed in Poppler 0.24.3.
References:
http://seclists.org/oss-sec/2013/q4/181
Commit:
http://cgit.freedesktop.org/poppler/poppler/commit/?id=61f79b8447c3ac8ab5a26e79e0c28053ffdccf75
Discussion:
Filename(line): poppler-0.24.2/utils/pdfseparate.cc(70)
Code snippet:
bool extractPages (const char *srcFileName, const char *destFileName) {
char pathName[4096];
GooString *gfileName = new GooString (srcF
http://bugs.debian.org/723124http://cgit.freedesktop.org/poppler/poppler/commit/?id=61f79b8447c3ac8ab5a26e79e0c28053ffdccf75http://secunia.com/advisories/56567http://security.gentoo.org/glsa/glsa-201401-21.xmlhttp://www.openwall.com/lists/oss-security/2013/10/29/1http://www.securityfocus.com/bid/63374http://www.ubuntu.com/usn/USN-2958-1https://bugs.freedesktop.org/show_bug.cgi?id=69434http://bugs.debian.org/723124http://cgit.freedesktop.org/poppler/poppler/commit/?id=61f79b8447c3ac8ab5a26e79e0c28053ffdccf75http://secunia.com/advisories/56567http://security.gentoo.org/glsa/glsa-201401-21.xmlhttp://www.openwall.com/lists/oss-security/2013/10/29/1http://www.securityfocus.com/bid/63374http://www.ubuntu.com/usn/USN-2958-1https://bugs.freedesktop.org/show_bug.cgi?id=69434
2013-11-23
Published