Novell Home

CVE-2013-7296

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-7296 at MITRE

Description

The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted PDF file.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

SUSE information

SUSE Bugzilla entries: 859427, 862080

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 12.3
  • libpoppler-cpp0 >= 0.22.1-1.8.1
  • libpoppler-cpp0-debuginfo >= 0.22.1-1.8.1
  • libpoppler-devel >= 0.22.1-1.8.1
  • libpoppler-glib-devel >= 0.22.1-1.8.1
  • libpoppler-glib8 >= 0.22.1-1.8.1
  • libpoppler-glib8-debuginfo >= 0.22.1-1.8.1
  • libpoppler-qt4-4 >= 0.22.1-1.8.1
  • libpoppler-qt4-4-debuginfo >= 0.22.1-1.8.1
  • libpoppler-qt4-devel >= 0.22.1-1.8.1
  • libpoppler34 >= 0.22.1-1.8.1
  • libpoppler34-debuginfo >= 0.22.1-1.8.1
  • poppler >= 0.22.1-1.8.1
  • poppler-debugsource >= 0.22.1-1.8.1
  • poppler-qt >= 0.22.1-1.8.1
  • poppler-qt-debugsource >= 0.22.1-1.8.1
  • poppler-tools >= 0.22.1-1.8.1
  • poppler-tools-debuginfo >= 0.22.1-1.8.1
  • typelib-1_0-Poppler-0_18 >= 0.22.1-1.8.1
Patchnames:
openSUSE-2014-101
openSUSE 13.1
  • libpoppler-cpp0 >= 0.24.3-8.1
  • libpoppler-cpp0-debuginfo >= 0.24.3-8.1
  • libpoppler-devel >= 0.24.3-8.1
  • libpoppler-glib-devel >= 0.24.3-8.1
  • libpoppler-glib8 >= 0.24.3-8.1
  • libpoppler-glib8-debuginfo >= 0.24.3-8.1
  • libpoppler-qt4-4 >= 0.24.3-8.1
  • libpoppler-qt4-4-debuginfo >= 0.24.3-8.1
  • libpoppler-qt4-devel >= 0.24.3-8.1
  • libpoppler43 >= 0.24.3-8.1
  • libpoppler43-debuginfo >= 0.24.3-8.1
  • poppler >= 0.24.3-8.1
  • poppler-debugsource >= 0.24.3-8.1
  • poppler-qt >= 0.24.3-8.1
  • poppler-qt-debugsource >= 0.24.3-8.1
  • poppler-tools >= 0.24.3-8.1
  • poppler-tools-debuginfo >= 0.24.3-8.1
  • typelib-1_0-Poppler-0_18 >= 0.24.3-8.1
Patchnames:
openSUSE-2014-101
openSUSE Evergreen 11.4
  • libpoppler-cpp0 >= 0.14.4-13.1
  • libpoppler-cpp0-debuginfo >= 0.14.4-13.1
  • libpoppler-devel >= 0.14.4-13.1
  • libpoppler-doc >= 0.14.4-13.1
  • libpoppler-glib-devel >= 0.14.4-13.1
  • libpoppler-glib5 >= 0.14.4-13.1
  • libpoppler-glib5-debuginfo >= 0.14.4-13.1
  • libpoppler7 >= 0.14.4-13.1
  • libpoppler7-debuginfo >= 0.14.4-13.1
  • poppler >= 0.14.4-13.1
  • poppler-debugsource >= 0.14.4-13.1
  • poppler-tools >= 0.14.4-13.1
  • poppler-tools-debuginfo >= 0.14.4-13.1
Patchnames:
2014-19

© 2015 Novell