The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-1177-1 | poppler security update |
![]() |
DSA-4079-1 | poppler security update |
![]() |
EUVD-2017-6452 | The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack. |
![]() |
USN-3517-1 | poppler vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T19:42:22.313Z
Reserved: 2017-10-01T00:00:00
Link: CVE-2017-14976

No data.

Status : Deferred
Published: 2017-10-02T01:29:00.627
Modified: 2025-04-20T01:37:25.860
Link: CVE-2017-14976


No data.