Bug 1106018 (CVE-2018-15889) - VUL-1: CVE-2018-15889: podofo: podofo 0.9.6 error handle pdf in PoDoFo::PdfVecObjects::Reserve()
Summary: VUL-1: CVE-2018-15889: podofo: podofo 0.9.6 error handle pdf in PoDoFo::PdfVe...
Status: RESOLVED INVALID
Alias: CVE-2018-15889
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Minor
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/213337/
Whiteboard: CVSSv3:SUSE:CVE-2018-15889:3.3:(AV:L...
Keywords:
Depends on:
Blocks:
 
Reported: 2018-08-27 06:09 UTC by Marcus Meissner
Modified: 2024-06-19 17:59 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2018-08-27 06:09:48 UTC 
rh#1620065

In podofo 0.9.6, the function PoDoFo::PdfParser::ReadObjects() in
base/PdfParser.cpp can cause the program to be aborted, because
PoDoFo::PdfVecObjects::Reserve() in base/PdfVecObjects.h can be called with a
large size value. Remote attackers could leverage this vulnerability to cause a
denial-of-service via a crafted pdf file.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1620065
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-15889
http://www.cvedetails.com/cve/CVE-2018-15889/
https://sourceforge.net/p/podofo/tickets/27/
Comment 1 Antonio Larrosa 2024-06-19 17:22:27 UTC 
The CVE was rejected (see https://nvd.nist.gov/vuln/detail/CVE-2018-15889 and the comments at the end of https://sourceforge.net/p/podofo/tickets/27/) so I think we can close this as invalid.