MDVSA-2013:143 -- Mandriva popplerID: oval:org.secpod.oval:def:1300180 | Date: (C)2013-04-17 (M)2022-10-10 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in poppler: poppler before 0.22.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via vectors that trigger an invalid memory access in splash/Splash.cc, poppler/Function.cc, and poppler/Stream.cc . poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function . The updated packages have been patched to correct these issues.
Platform: |
Mandriva Enterprise Server 5.2 |