An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: talos
Published: 2017-07-12T17:00:00Z
Updated: 2024-09-16T19:15:46.393Z
Reserved: 2016-12-01T00:00:00
Link: CVE-2017-2814
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-07-12T17:29:00.467
Modified: 2022-04-19T19:15:22.107
Link: CVE-2017-2814
Redhat