The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack.
Advisories
Source ID Title
Debian DLA Debian DLA DLA-1177-1 poppler security update
Debian DSA Debian DSA DSA-4079-1 poppler security update
EUVD EUVD EUVD-2017-6451 The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack.
Ubuntu USN Ubuntu USN USN-3440-1 poppler vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T19:42:22.353Z

Reserved: 2017-10-01T00:00:00

Link: CVE-2017-14975

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2017-10-02T01:29:00.593

Modified: 2025-04-20T01:37:25.860

Link: CVE-2017-14975

cve-icon Redhat

Severity : Low

Publid Date: 2017-09-11T00:00:00Z

Links: CVE-2017-14975 - Bugzilla

cve-icon OpenCVE Enrichment

No data.