CVE-2017-9776 — Integer Overflow or Wraparound

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	poppler	< poppler 0.57.0-2 (bookworm)	poppler 0.57.0-2 (bookworm)
freedesktop	poppler	<= 0.55.0	—
freedesktop	poppler	>= 0 < 0.57.0-2	0.57.0-2
freedesktop	poppler	>= 0 < 0.57.0-2	0.57.0-2
freedesktop	poppler	>= 0 < 0.57.0-2	0.57.0-2
freedesktop	poppler	>= 0 < 0.57.0-2	0.57.0-2
freedesktop	poppler	>= 0 < 0.24.5-2ubuntu4.7	0.24.5-2ubuntu4.7
freedesktop	poppler	>= 0 < 0.41.0-0ubuntu1.4	0.41.0-0ubuntu1.4
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_workstation	—	—
redhat	enterprise_linux_workstation	—	—

Ubuntu

poppler vulnerabilities

vendor_ubuntu·2017-10-06·CVSS 7.8

CVE-2017-14518 [HIGH] poppler vulnerabilities Title: poppler vulnerabilities Summary: Several security issues were fixed in poppler. It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. (CVE-2017-14518, CVE-2017-14520, CVE-2017-14617, CVE-2017-14929, CVE-2017-14975, CVE-2017-14977) It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. This issue only affected Ubuntu 17.04 and 16.04. (CVE-2017-14926, CVE-2017-14928) Alberto Garcia, Francisco Oca and Suleman Ali discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into ope

Red Hat

poppler: Integer overflow in JBIG2Stream.cc

vendor_redhat·2017-06-21·CVSS 7.8

CVE-2017-9776 [HIGH] CWE-190 poppler: Integer overflow in JBIG2Stream.cc poppler: Integer overflow in JBIG2Stream.cc Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. An integer overflow leading to heap-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash, or potentially execute arbitrary code when opened. Package: poppler (Red Hat Enterprise Linux 5) - Will not fix

Debian

CVE-2017-9776: poppler - Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo...

vendor_debian·2017·CVSS 7.8

CVE-2017-9776 [HIGH] CVE-2017-9776: poppler - Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo... Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.57.0-2) bullseye: resolved (fixed in 0.57.0-2) forky: resolved (fixed in 0.57.0-2) sid: resolved (fixed in 0.57.0-2) trixie: resolved (fixed in 0.57.0-2)

GHSA

GHSA-vj9m-pc78-2rvq: Integer overflow leading to Heap buffer overflow in JBIG2Stream

ghsa_unreviewed·2022-05-14

CVE-2017-9776 [HIGH] CWE-190 GHSA-vj9m-pc78-2rvq: Integer overflow leading to Heap buffer overflow in JBIG2Stream Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.

OSV

poppler vulnerabilities

osv·2017-10-06·CVSS 7.8

CVE-2017-14518 [HIGH] poppler vulnerabilities poppler vulnerabilities It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. (CVE-2017-14518, CVE-2017-14520, CVE-2017-14617, CVE-2017-14929, CVE-2017-14975, CVE-2017-14977) It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. This issue only affected Ubuntu 17.04 and 16.04. (CVE-2017-14926, CVE-2017-14928) Alberto Garcia, Francisco Oca and Suleman Ali discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of ser

OSV

CVE-2017-9776: Integer overflow leading to Heap buffer overflow in JBIG2Stream

osv·2017-06-22·CVSS 7.8

CVE-2017-9776 [HIGH] CVE-2017-9776: Integer overflow leading to Heap buffer overflow in JBIG2Stream Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.

CVE-2017-9776: Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service…

Affected

CVSS provenance