SB2021012129 - Arch Linux update for podofo 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021012129

SB2021012129 - Arch Linux update for podofo

Published: January 21, 2021

Security Bulletin ID SB2021012129
Severity
High
Patch available
YES
Number of vulnerabilities 11
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 36% Medium 55% Low 9%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.


1) Infinite loop (CVE-ID: CVE-2017-8054)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.


2) Uncontrolled Recursion (CVE-ID: CVE-2018-11254)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054.


3) NULL pointer dereference (CVE-ID: CVE-2018-11255)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted PDF document.


4) NULL pointer dereference (CVE-ID: CVE-2018-11256)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted PDF document.


5) Buffer overflow (CVE-ID: CVE-2018-12982)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file.


6) Out-of-bounds read (CVE-ID: CVE-2018-14320)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the PdfEncoding::ParseToUnicode() function in PoDoFo library. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.


7) NULL pointer dereference (CVE-ID: CVE-2018-19532)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an attacker to cause Denial of Service. A remote attacker can perform a denial of service (DoS) attack.


8) NULL pointer dereference (CVE-ID: CVE-2018-20751)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference. A remote attacker can perform a denial of service (DoS) attack.


9) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2018-5783)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.


10) NULL pointer dereference (CVE-ID: CVE-2019-9199)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. A remote attacker can perform a denial of service (DoS) attack.


11) Heap-based buffer overflow (CVE-ID: CVE-2019-9687)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Install update from vendor's website.

References