CVE-2017-2818
published 2017-07-12CVE-2017-2818: An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large…
PriorityP341high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
EPSS
1.98%
78.0th percentile
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | poppler | — | — |
| freedesktop | poppler | — | — |
| poppler | poppler | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv8.8HIGH
vendor_debian7.5LOW
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-65cm-pc5p-2hgx: An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0
ghsa_unreviewed·2022-05-13
CVE-2017-2818 [HIGH] CWE-119 GHSA-65cm-pc5p-2hgx: An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
OSV
CVE-2017-2818: An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0
osv·2017-07-12·CVSS 8.8
CVE-2017-2818 [HIGH] CVE-2017-2818: An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
Red Hat
poppler: Heap-buffer overflow in the image rendering functionality
vendor_redhat·2017-07-07·CVSS 7.5
CVE-2017-2818 [HIGH] CWE-122 poppler: Heap-buffer overflow in the image rendering functionality
poppler: Heap-buffer overflow in the image rendering functionality
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
Package: poppler (Red Hat Enterprise Linux 5) - Not affected
Package: poppler (Red Hat Enterprise Linux 6) - Not affected
Package: poppler (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2017-2818: poppler - An exploitable heap overflow vulnerability exists in the image rendering functio...
vendor_debian·2017·CVSS 7.5
CVE-2017-2818 [HIGH] CVE-2017-2818: poppler - An exploitable heap overflow vulnerability exists in the image rendering functio...
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: TALOS-2017-0311,0319,0321 - Multiple Remote Code Execution Vulnerability in Poppler PDF library
blogs_talos·2017-07-07·CVSS 7.5
[HIGH] Vulnerability Spotlight: TALOS-2017-0311,0319,0321 - Multiple Remote Code Execution Vulnerability in Poppler PDF library
## Vulnerability Spotlight: TALOS-2017-0311,0319,0321 - Multiple Remote Code Execution Vulnerability in Poppler PDF library
Vulnerability discovered by Marcin Noga, Lilith Wyatt and Aleksandar Nikolic of Cisco Talos.
## Overview Talos has discovered multiple vulnerabilities in the freedesktop.org Poppler PDF library. Exploiting these vulnerabilities can allow an attacker to gain full control over the victim's machine. If an attacker builds a specially crafted PDF document and the victim opens it, the attackers code will be executed with the privileges of the local user.
## Details
Poppler is a shared library for displaying PDF files, used as middleware within different enterprise and open source solutions (e.g. Gimp). It is forked off from XPDF and is a complete implementation of the P
Talos
Vulnerability Spotlight: TALOS-2017-0311,0319,0321 - Multiple Remote Code Execution Vulnerability in Poppler PDF library
blogs_talos·2017-07-07·CVSS 7.5
[HIGH] Vulnerability Spotlight: TALOS-2017-0311,0319,0321 - Multiple Remote Code Execution Vulnerability in Poppler PDF library
Vulnerability discovered by Marcin Noga, Lilith Wyatt and Aleksandar Nikolic of Cisco Talos.
### Overview Talos has discovered multiple vulnerabilities in the freedesktop.org Poppler PDF library. Exploiting these vulnerabilities can allow an attacker to gain full control over the victim's machine. If an attacker builds a specially crafted PDF document and the victim opens it, the attackers code will be executed with the privileges of the local user.
### Details
Poppler is a shared library for displaying PDF files, used as middleware within different enterprise and open source solutions (e.g. Gimp). It is forked off from XPDF and is a complete implementation of the PDF ISO standard. Talos identified three remote code execution vulnerabilities in the Poppler library.
TALOS-2017-0311 / CV
Bugzilla
CVE-2017-2818 poppler: Heap-buffer overflow in the image rendering functionality
bugzilla·2017-07-12·CVSS 7.5
CVE-2017-2818 [HIGH] CVE-2017-2818 poppler: Heap-buffer overflow in the image rendering functionality
CVE-2017-2818 poppler: Heap-buffer overflow in the image rendering functionality
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
External References:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0319
Discussion:
As per the upstream advisory:
"The Poppler library, by default, uses a private implementation of reading and rendering images. There is a compilation option for libjpeg support, but the flag is not enabled by default. This private implementation contains assumptions about the JPEG file headers that
2017-07-12
Published