CVE-2017-6841 - NULL pointer dereference in...

A PDF parsing, modification and creation library.

Brought to you by: domseichter

This project can now be found here.

#10 CVE-2017-6841 - NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement

Milestone: SVN TRUNK

Status: closed

Owner: nobody

Labels: security (37)

Updated: 2018-03-11

Created: 2018-02-24

Creator: Mattia Rizzolo

Private: No

https://security-tracker.debian.org/tracker/CVE-2017-6841
http://www.openwall.com/lists/oss-security/2017/03/02/2https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementtgraphicsstackelement-graphicsstack-h
https://bugs.debian.org/861558

The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

Discussion

zyx - 2018-03-11

This is fied with revision 1892:
http://sourceforge.net/p/podofo/code/1892

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

zyx - 2018-03-11

status: open --> closed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

CVE-2017-6841 - NULL pointer dereference in...

A PDF parsing, modification and creation library.

Milestone

Searches

Help

#10 CVE-2017-6841 - NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement

Discussion