CVE-2017-9775: Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a…

medium6.5CVSS 3.0

AVNACLPRNUIRSUCNINAH

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.

Affected

20 ranges

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	poppler	< poppler 0.57.0-2 (bookworm)	poppler 0.57.0-2 (bookworm)
freedesktop	poppler	<= 0.55.0	—
freedesktop	poppler	>= 0 < 0.57.0-2	0.57.0-2
freedesktop	poppler	>= 0 < 0.57.0-2	0.57.0-2
freedesktop	poppler	>= 0 < 0.57.0-2	0.57.0-2
freedesktop	poppler	>= 0 < 0.57.0-2	0.57.0-2
freedesktop	poppler	>= 0 < 0.24.5-2ubuntu4.5	0.24.5-2ubuntu4.5
freedesktop	poppler	>= 0 < 0.41.0-0ubuntu1.2	0.41.0-0ubuntu1.2
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_workstation	—	—

CVSS provenance

nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

osv8.8HIGH