openSUSE Security Update : poppler (openSUSE-2018-648)

high Nessus Plugin ID 110592

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for poppler fixes the following issues :

These security issues were fixed :

- CVE-2017-14517: Prevent NULL pointer dereference in the XRef::parseEntry() function via a crafted PDF document (bsc#1059066).

- CVE-2017-9865: Fixed a stack-based buffer overflow vulnerability in GfxState.cc that would have allowed attackers to facilitate a denial-of-service attack via specially crafted PDF documents. (bsc#1045939)

- CVE-2017-14518: Remedy a floating point exception in isImageInterpolationRequired() that could have been exploited using a specially crafted PDF document.
(bsc#1059101)

- CVE-2017-14520: Remedy a floating point exception in Splash::scaleImageYuXd() that could have been exploited using a specially crafted PDF document. (bsc#1059155)

- CVE-2017-14617: Fixed a floating point exception in Stream.cc, which may lead to a potential attack when handling malicious PDF files. (bsc#1060220)

- CVE-2017-14928: Fixed a NULL pointer dereference in AnnotRichMedia::Configuration::Configuration() in Annot.cc, which may lead to a potential attack when handling malicious PDF files. (bsc#1061092)

- CVE-2017-14975: Fixed a NULL pointer dereference vulnerability, that existed because a data structure in FoFiType1C.cc was not initialized, which allowed an attacker to launch a denial of service attack.
(bsc#1061263)

- CVE-2017-14976: Fixed a heap-based buffer over-read vulnerability in FoFiType1C.cc that occurred when an out-of-bounds font dictionary index was encountered, which allowed an attacker to launch a denial of service attack. (bsc#1061264)

- CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the FoFiTrueType::getCFFBlock() function in FoFiTrueType.cc that occurred due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. (bsc#1061265)

- CVE-2017-15565: Prevent NULL pointer dereference in the GfxImageColorMap::getGrayLine() function via a crafted PDF document (bsc#1064593).

- CVE-2017-1000456: Validate boundaries in TextPool::addWord to prevent overflows in subsequent calculations (bsc#1074453).

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Solution

Update the affected poppler packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1045939

https://bugzilla.opensuse.org/show_bug.cgi?id=1059066

https://bugzilla.opensuse.org/show_bug.cgi?id=1059101

https://bugzilla.opensuse.org/show_bug.cgi?id=1059155

https://bugzilla.opensuse.org/show_bug.cgi?id=1060220

https://bugzilla.opensuse.org/show_bug.cgi?id=1061092

https://bugzilla.opensuse.org/show_bug.cgi?id=1061263

https://bugzilla.opensuse.org/show_bug.cgi?id=1061264

https://bugzilla.opensuse.org/show_bug.cgi?id=1061265

https://bugzilla.opensuse.org/show_bug.cgi?id=1064593

https://bugzilla.opensuse.org/show_bug.cgi?id=1074453

Plugin Details

Severity: High

ID: 110592

File Name: openSUSE-2018-648.nasl

Version: 1.5

Type: local

Agent: unix

Published: 6/18/2018

Updated: 9/17/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2017-15565

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libpoppler-qt4-4, p-cpe:/a:novell:opensuse:libpoppler-glib8-32bit, p-cpe:/a:novell:opensuse:libpoppler-qt5-1-debuginfo, p-cpe:/a:novell:opensuse:libpoppler-qt5-1, p-cpe:/a:novell:opensuse:libpoppler60-32bit, p-cpe:/a:novell:opensuse:libpoppler-glib-devel, p-cpe:/a:novell:opensuse:poppler-qt-debugsource, p-cpe:/a:novell:opensuse:libpoppler-qt5-1-debuginfo-32bit, cpe:/o:novell:opensuse:42.3, p-cpe:/a:novell:opensuse:libpoppler-qt4-4-debuginfo, p-cpe:/a:novell:opensuse:libpoppler-qt5-1-32bit, p-cpe:/a:novell:opensuse:poppler-qt5-debugsource, p-cpe:/a:novell:opensuse:libpoppler60, p-cpe:/a:novell:opensuse:libpoppler60-debuginfo-32bit, p-cpe:/a:novell:opensuse:libpoppler-qt4-4-debuginfo-32bit, p-cpe:/a:novell:opensuse:libpoppler-cpp0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libpoppler-glib8-debuginfo-32bit, p-cpe:/a:novell:opensuse:libpoppler-glib8, p-cpe:/a:novell:opensuse:poppler-tools, p-cpe:/a:novell:opensuse:libpoppler-devel, p-cpe:/a:novell:opensuse:libpoppler-cpp0, p-cpe:/a:novell:opensuse:libpoppler-glib8-debuginfo, p-cpe:/a:novell:opensuse:libpoppler-cpp0-debuginfo, p-cpe:/a:novell:opensuse:libpoppler-qt4-4-32bit, p-cpe:/a:novell:opensuse:libpoppler-qt4-devel, p-cpe:/a:novell:opensuse:poppler-debugsource, p-cpe:/a:novell:opensuse:libpoppler-qt5-devel, p-cpe:/a:novell:opensuse:libpoppler-cpp0-32bit, p-cpe:/a:novell:opensuse:libpoppler60-debuginfo, p-cpe:/a:novell:opensuse:poppler-tools-debuginfo, p-cpe:/a:novell:opensuse:typelib-1_0-poppler-0_18

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/16/2018

Vulnerability Publication Date: 6/25/2017

Reference Information

CVE: CVE-2017-1000456, CVE-2017-14517, CVE-2017-14518, CVE-2017-14520, CVE-2017-14617, CVE-2017-14928, CVE-2017-14975, CVE-2017-14976, CVE-2017-14977, CVE-2017-15565, CVE-2017-9865