1085246 – (CVE-2018-8104) VUL-1: CVE-2018-8104: xpdf: The BufStream::lookChar function in Stream.cc allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file

Bug 1085246 (CVE-2018-8104) - VUL-1: CVE-2018-8104: xpdf: The BufStream::lookChar function in Stream.cc allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file

Summary: VUL-1: CVE-2018-8104: xpdf: The BufStream::lookChar function in Stream.cc all...

Status:	RESOLVED INVALID

Alias:	CVE-2018-8104

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Minor
Target Milestone:	---
Assignee:	Peter Simons
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/201804/
Whiteboard:	CVSSv3:SUSE:CVE-2018-8104:3.3:(AV:L/...
Keywords:

Depends on:
Blocks:	1133493
	Show dependency tree / graph

Clone This Bug

Reported:	2018-03-14 08:56 UTC by Karol Babioch
Modified:	2023-06-14 14:41 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Reproducer (219.88 KB, application/pdf) 2018-03-14 09:04 UTC, Karol Babioch	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Karol Babioch 2018-03-14 08:56:21 UTC

CVE-2018-8104

The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to
launch denial of service (heap-based buffer over-read and application crash) via
a specific pdf file, as demonstrated by pdftohtml.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8104
https://forum.xpdfreader.com/viewtopic.php?f=3&t=652

Comment 1 Karol Babioch 2018-03-14 09:04:39 UTC

Created attachment 763608 [details]
Reproducer

Comment 2 Peter Simons 2018-06-21 08:48:19 UTC

Upstream has not responded to the bug report in their web forum. I am unaware of any fixes for these issues.

Comment 3 Petr Gajdos 2023-06-12 13:06:40 UTC

Could not reproduce a crash or valgrind error for TW,15,12,11sp1/poppler. Since xpdf is not maintained anymore, I suggest to close this.