CVE-2019-9200

high-risk

Published 2019-02-26

A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Do I need to act?

5.3% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (6)

Poppler

Debian Linux

Ubuntu Linux

Affected Vendors

Debian Canonical Freedesktop

References (24)

Third Party Advisory http://www.securityfocus.com/bid/107172

https://access.redhat.com/errata/RHSA-2019:2022

https://access.redhat.com/errata/RHSA-2019:2713

Exploit https://gitlab.freedesktop.org/poppler/poppler/issues/728

Mailing List https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html

https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

Exploit https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamg...

Third Party Advisory https://usn.ubuntu.com/3905-1/

https://usn.ubuntu.com/4042-1/

Third Party Advisory http://www.securityfocus.com/bid/107172

https://access.redhat.com/errata/RHSA-2019:2022

https://access.redhat.com/errata/RHSA-2019:2713

Exploit https://gitlab.freedesktop.org/poppler/poppler/issues/728

Mailing List https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html

https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

and 4 more references

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 8/34 · Low

Exposure 13/34 · Low