CVE-2017-2820
Published 2017-07-12
CVE-2017-2820: An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF…
Priority P3 · 46 · high · 8.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 4.42% (90.1th percentile)
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | poppler | — | — |
| freedesktop | poppler | — | — |
| freedesktop | poppler | >= 0 < 0.24.5-2ubuntu4.5 | 0.24.5-2ubuntu4.5 |
| freedesktop | poppler | >= 0 < 0.41.0-0ubuntu1.2 | 0.41.0-0ubuntu1.2 |
| poppler | poppler | — | — |
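CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 8.8 | HIGH | — |
| vendor_debian | — | 8.8 | LOW | — |
| vendor_redhat | — | 8.8 | HIGH | — |
| vendor_ubuntu | — | 8.8 | HIGH | — |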
GHSA
GHSA-2v7w-8gjr-q477: An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop
ghsa_unreviewed·2022-05-13
CVE-2017-2820 [HIGH] CWE-190 GHSA-2v7w-8gjr-q477: An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop
OSV
CVE-2017-2820: An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop
osv·2017-07-12·CVSS 8.8
CVE-2017-2820 [HIGH] CVE-2017-2820: An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop
OSV
poppler vulnerabilities
osv·2017-07-07·CVSS 8.8
CVE-2017-2820 [HIGH] poppler vulnerabilities
Aleksandar Nikolic discovered that poppler incorrectly handled JPEG 2000
images. If a user or automated system were tricked into opening a crafted
PDF file, an attacker could cause a denial of service or possibly execute
arbitrary code with privileges of the user invoking the program.
(CVE-2017-2820)
Jiaqi Peng discovered that the poppler pdfunite tool incorrectly parsed
certain malformed PDF documents. If a user or automated system were tricked
into opening a crafted PDF file, an attacker could cause poppler to crash,
resulting in a denial of service. (CVE-2017-7511)
It was discovered that the poppler pdfunite tool incorrectly parsed certain
malformed PDF documents. If a user or automated system were tricked into
opening a crafted PDF file, an attacker could cau
Red Hat
poppler: Integer overflow in the JPEG 2000 image parsing functionality
vendor_redhat·2017-07-07·CVSS 8.8
CVE-2017-2820 [HIGH] CWE-190 poppler: Integer overflow in the JPEG 2000 image parsing functionality
Package: poppler (Red Hat Enterprise Linux 5) - Not affected
Package: poppler (Red Hat Enterprise Linux 6) - Not affected
Package: poppler (Red Hat Enterprise Linux 7) - Not affected
Ubuntu
poppler vulnerabilities
vendor_ubuntu·2017-07-07·CVSS 8.8
CVE-2017-2820 [HIGH] poppler vulnerabilities
Title: poppler vulnerabilities
Summary: poppler could be made to crash or run programs as your login if it opened a
specially crafted file.
Debian
CVE-2017-2820: poppler - An exploitable integer overflow vulnerability exists in the JPEG 2000 image pars...
vendor_debian·2017·CVSS 8.8
CVE-2017-2820 [HIGH] CVE-2017-2820: poppler - An exploitable integer overflow vulnerability exists in the JPEG 2000 image pars...
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: TALOS-2017-0311,0319,0321 - Multiple Remote Code Execution Vulnerability in Poppler PDF library
blogs_talos·2017-07-07·CVSS 7.5
[HIGH] Vulnerability Spotlight: TALOS-2017-0311,0319,0321 - Multiple Remote Code Execution Vulnerability in Poppler PDF library
Vulnerability discovered by Marcin Noga, Lilith Wyatt and Aleksandar Nikolic of Cisco Talos.
### Overview
Talos has discovered multiple vulnerabilities in the freedesktop.org Poppler PDF library. Exploiting these vulnerabilities can allow an attacker to gain full control over the victim's machine. If an attacker builds a specially crafted PDF document and the victim opens it, the attacker's code will be executed with the privileges of the local user.
### Details
Poppler is a shared library for displaying PDF files, used as middleware within different enterprise and open source solutions (e.g. Gimp). It is forked off from XPDF and is a complete implementation of the PDF ISO standard. Talos identified three remote code execution vulnerabilities in the Poppler library.
TALOS-2017-0311 / CV
Bugzilla
CVE-2017-2820 poppler: Integer overflow in the JPEG 2000 image parsing functionality
bugzilla·2017-07-12·CVSS 8.8
CVE-2017-2820 [HIGH] CVE-2017-2820 poppler: Integer overflow in the JPEG 2000 image parsing functionality
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.
External References:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0321
Discussion:
As per upstream advisory:
"Poppler is a popular open source PDF parser library. It is used by default in many open source PDF viewers. The library itself implements a decoder for JPEG 2000 encoded images instead