Bug 1106985

Summary: VUL-1: xpdf: CVE-2018-16369 xpdf: heap-based buffer over-read via a crafted pdf file
Product: [Novell Products] SUSE Security Incidents Reporter: Karol Babioch <karol>
Component: IncidentsAssignee: Peter Simons <peter.simons>
Status: RESOLVED DUPLICATE QA Contact: Security Team bot <security-team>
Severity: Minor    
Priority: P5 - None CC: smash_bz
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/213677/
Whiteboard: CVSSv3:RedHat:CVE-2018-16369:3.3:(AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) CVSSv3:SUSE:CVE-2018-16369:3.3:(AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) CVSSv2:NVD:CVE-2018-16369:4.3:(AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSSv3:NVD:CVE-2018-16369:5.5:(AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) maint:planned:update
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Karol Babioch 2018-09-04 06:31:43 UTC 
rh#1624990

A flaw was found in Xpdf 4.00. The XRef::fetch in XRef.cc allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453.


References:
https://github.com/TeamSeri0us/pocs/tree/master/xpdf

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1624990
Comment 1 Karol Babioch 2018-09-04 06:41:41 UTC 
Duplicate.

*** This bug has been marked as a duplicate of bug 1106879 ***