An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published:

Updated: 2024-09-16T17:57:59.150Z

Reserved: 2016-12-01T00:00:00

Link: CVE-2017-2820

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2017-07-12T17:29:00.530

Modified: 2025-04-20T01:37:25.860

Link: CVE-2017-2820

cve-icon Redhat

Severity : Moderate

Publid Date: 2017-07-07T00:00:00Z

Links: CVE-2017-2820 - Bugzilla

cve-icon OpenCVE Enrichment

No data.