{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-12-07T00:00:00", "descriptions": [{"lang": "en", "value": "The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted PDF file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "FEDORA-2014-0156", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125710.html"}, {"name": "56567", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56567"}, {"name": "[oss-security] 20140117 Re: CVE Request - Poppler library: DoS fixed in 0.24.5", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2014/q1/105"}, {"name": "GLSA-201401-21", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201401-21.xml"}, {"tags": ["x_refsource_MISC"], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=58e04a08afee39370283c494ee2e4e392fd3b684"}, {"name": "poppler-jbig2stream-readsegments-dos(90552)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90552"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048199"}, {"name": "[oss-security] 20140116 CVE Request - Poppler library: DoS fixed in 0.24.5", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2014/q1/97"}, {"name": "56776", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56776"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-7296", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted PDF file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "FEDORA-2014-0156", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125710.html"}, {"name": "56567", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56567"}, {"name": "[oss-security] 20140117 Re: CVE Request - Poppler library: DoS fixed in 0.24.5", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q1/105"}, {"name": "GLSA-201401-21", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201401-21.xml"}, {"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=58e04a08afee39370283c494ee2e4e392fd3b684", "refsource": "MISC", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=58e04a08afee39370283c494ee2e4e392fd3b684"}, {"name": "poppler-jbig2stream-readsegments-dos(90552)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90552"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1048199", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048199"}, {"name": "[oss-security] 20140116 CVE Request - Poppler library: DoS fixed in 0.24.5", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q1/97"}, {"name": "56776", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56776"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T18:01:20.423Z"}, "title": "CVE Program Container", "references": [{"name": "FEDORA-2014-0156", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125710.html"}, {"name": "56567", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56567"}, {"name": "[oss-security] 20140117 Re: CVE Request - Poppler library: DoS fixed in 0.24.5", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://seclists.org/oss-sec/2014/q1/105"}, {"name": "GLSA-201401-21", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201401-21.xml"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=58e04a08afee39370283c494ee2e4e392fd3b684"}, {"name": "poppler-jbig2stream-readsegments-dos(90552)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90552"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048199"}, {"name": "[oss-security] 20140116 CVE Request - Poppler library: DoS fixed in 0.24.5", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://seclists.org/oss-sec/2014/q1/97"}, {"name": "56776", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56776"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-7296", "datePublished": "2014-01-26T01:00:00", "dateReserved": "2014-01-17T00:00:00", "dateUpdated": "2024-08-06T18:01:20.423Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "470EC7C4-3102-4DFF-AF5A-C7F8ED2822B6", "versionEndIncluding": "0.24.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "28BB4DC8-BCD6-44EB-BD73-C650AF47FE19", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB2E8A2B-D2FC-4840-BC26-DB2A0E4DA4E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "81AD541A-77B3-44D3-9442-BAD8888331B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FA68DBB-D9AE-4326-AAF4-0D8EF2594107", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "271E2F6D-5DAC-4B48-A6DC-C1BD5424D7BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2578912-1929-4CCC-B718-60279F5DD9DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "8739E30F-7987-4749-926A-45B53220D95B", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "907F732E-2AC2-4C66-B240-03C5B1A8BE89", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "36176CB9-CB8A-4B54-855D-76D0C9FFA4A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "B2E6F617-47EA-40A7-8140-D220F73895C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "3BFF932F-B15C-426C-8368-918BD5397326", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "D2E2EF83-C5EF-4A07-9690-D1659AB88AED", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "906DB5B3-3AD3-4763-9B97-0875485701AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "9BF81A03-C47B-4250-BF4C-C637662876EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE65D66E-F51E-4B14-901D-8EA47C128CE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "EF00D9C1-07DE-43DF-8185-A06406F61ADE", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "B6B36DB5-6D7D-475D-BD6B-AF1401C41EE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "443737A0-75DE-436D-81C0-FC94CB23F2FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "6F7D0BBE-D4B4-4CF2-91F1-50864DC92F43", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "03727E0E-E5E9-40EF-B3B6-05B600F04282", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "C9DC337D-EBB4-403D-B32D-7B195725CD05", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "0AEF3348-5BB0-45CB-B59B-4A90EEAAF2BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "949E12C4-97BA-4D56-B18E-4AC032834D14", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "40A9D590-FF77-4181-B46C-668249A9B255", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.13.3:*:*:*:*:*:*:*", "matchCriteriaId": "5B0CC3B1-C3F6-4211-9B68-5ACD0834F8CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.13.4:*:*:*:*:*:*:*", "matchCriteriaId": "6F4179FF-0856-4F0E-8487-3B9B94D89DBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D991BB6-38E6-4E0B-8C15-6EC5F3058DC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "379D1862-1EF5-462B-9727-D3F4E14FEB3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "A60E0080-2617-40C1-8796-DDE2846546BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.14.3:*:*:*:*:*:*:*", "matchCriteriaId": "2DC44976-236F-4796-B7B7-FFF107B44F5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.14.4:*:*:*:*:*:*:*", "matchCriteriaId": "47D1FC9F-4DFD-4923-9C70-0EA3A7F95F8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "AB53D75E-917C-4D01-960B-4E6503C19E83", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F2CD559C-B0FD-4ED1-AB8B-93EFB1B536FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3E970BB-37CA-441C-8D2E-CAEBA1E4671A", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.15.2:*:*:*:*:*:*:*", "matchCriteriaId": "ADA83F24-7708-4751-BE4F-A33EFF77D1BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.15.3:*:*:*:*:*:*:*", "matchCriteriaId": "3896B9F2-83A0-40AB-A3BC-20BE0415B5F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.16.0:*:*:*:*:*:*:*", "matchCriteriaId": "7E6C7D9F-BC8C-4C31-AC76-978E7E461571", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.16.1:*:*:*:*:*:*:*", "matchCriteriaId": "78CCF102-5C54-49AC-9CE5-A2E1CD062C9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.16.2:*:*:*:*:*:*:*", "matchCriteriaId": "FF9EBACF-EE24-4991-B7D0-DCA028A699DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.16.3:*:*:*:*:*:*:*", "matchCriteriaId": "8EE9AD76-9D5A-4EED-816F-84D12D2617BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.16.4:*:*:*:*:*:*:*", "matchCriteriaId": "043A5C6F-8E1D-4B4F-9F47-8C9A331AA13A", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.16.5:*:*:*:*:*:*:*", "matchCriteriaId": "039CF6A6-6273-4BA7-B517-075AAA8F206D", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.16.6:*:*:*:*:*:*:*", "matchCriteriaId": "79708E36-EBBE-43E8-918C-A006DAE59D27", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.16.7:*:*:*:*:*:*:*", "matchCriteriaId": "7DF74129-BF02-4CB2-8813-8825FA28D39B", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.17.0:*:*:*:*:*:*:*", "matchCriteriaId": "069D3AF1-92EB-493C-B465-AD080D16A0C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.17.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4A74B84-7805-4DB3-B589-C95A41538258", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.17.2:*:*:*:*:*:*:*", "matchCriteriaId": "0DC0B895-B214-44F2-8552-D4CE27CA71B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.17.3:*:*:*:*:*:*:*", "matchCriteriaId": "1B464004-B108-400A-8EF1-66C9BDDD0431", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.17.4:*:*:*:*:*:*:*", "matchCriteriaId": "2E179689-E881-4528-BB29-F0BD41B2611C", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.18.0:*:*:*:*:*:*:*", "matchCriteriaId": "DBAEB0E8-B097-44EE-B3C2-674B2E0D880E", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.18.1:*:*:*:*:*:*:*", "matchCriteriaId": "ED35025A-5A38-4114-BE98-90665BE328A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.18.2:*:*:*:*:*:*:*", "matchCriteriaId": "B8269E19-8D3D-4D46-BA38-5B4259279927", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.18.3:*:*:*:*:*:*:*", "matchCriteriaId": "7DBACC6D-F45C-4E7F-AF57-5F2636BFAC6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.18.4:*:*:*:*:*:*:*", "matchCriteriaId": "87CC490B-2653-45B2-B76E-27C58F804807", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.19.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1620ED7-17B5-42B3-A331-EA0DB4F3A73A", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.19.1:*:*:*:*:*:*:*", "matchCriteriaId": "5FA33265-F8EB-4D5F-AFCE-2DBFB6BFED62", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.19.2:*:*:*:*:*:*:*", "matchCriteriaId": "FA407987-21C8-4930-9D03-B74210490E32", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.19.3:*:*:*:*:*:*:*", "matchCriteriaId": "8192A381-A80E-4800-A85C-B799AACFE897", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.19.4:*:*:*:*:*:*:*", "matchCriteriaId": "23516598-8E84-4092-BA33-695E7A352175", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.20.0:*:*:*:*:*:*:*", "matchCriteriaId": "9F90CD7B-E988-4ADA-8809-9220F8309C05", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.20.1:*:*:*:*:*:*:*", "matchCriteriaId": "855A2B51-945A-4007-8F6A-8C198B19BC13", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.20.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A8B83EE-113B-49CC-A168-ED373B8E9F85", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.20.3:*:*:*:*:*:*:*", "matchCriteriaId": "1FBF9CF8-AE84-4609-9347-173D1E1D5F14", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.20.4:*:*:*:*:*:*:*", "matchCriteriaId": "527709DC-A1FC-47C0-AC6B-2833EF0CC277", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.20.5:*:*:*:*:*:*:*", "matchCriteriaId": "15A1B4BE-12A6-43DF-959C-965E75F04875", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.21.0:*:*:*:*:*:*:*", "matchCriteriaId": "5FDFC91E-9123-4729-916F-24E62742B149", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.21.1:*:*:*:*:*:*:*", "matchCriteriaId": "C0090ED0-AF62-4A40-85E1-5502C0E5B6D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.21.2:*:*:*:*:*:*:*", "matchCriteriaId": "D9BEACB5-13A1-48DF-BC2A-0AF71B6671BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.21.3:*:*:*:*:*:*:*", "matchCriteriaId": "154F4DAA-76BF-4948-8258-C42A0B595012", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.21.4:*:*:*:*:*:*:*", "matchCriteriaId": "AD61DCAA-F9D3-4FD2-9712-8BA7A9A85241", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.22.0:*:*:*:*:*:*:*", "matchCriteriaId": "9240BEED-D541-463F-9398-94ED5D4BDE01", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.22.1:*:*:*:*:*:*:*", "matchCriteriaId": "7E33A6A0-1B2D-431F-81E1-A5262BCC74E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.22.2:*:*:*:*:*:*:*", "matchCriteriaId": "EBC71349-603D-41CA-B3EA-B87D85655BB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.22.3:*:*:*:*:*:*:*", "matchCriteriaId": "1EF51EEB-10F6-41A9-A1EF-AF1D451B102E", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.22.4:*:*:*:*:*:*:*", "matchCriteriaId": "8216A541-D100-4483-9465-85A5A8F44732", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.23.0:*:*:*:*:*:*:*", "matchCriteriaId": "0C3FD3F9-923B-4FCA-AC67-E79412671842", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.23.1:*:*:*:*:*:*:*", "matchCriteriaId": "8F49AC59-9B97-409A-8C78-5D5738AB361C", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.23.2:*:*:*:*:*:*:*", "matchCriteriaId": "D0FBA6A3-E6A7-431C-8A64-577E971A144D", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.23.3:*:*:*:*:*:*:*", "matchCriteriaId": "795D282A-9BD3-409B-8153-1AF98FCD6EB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.23.4:*:*:*:*:*:*:*", "matchCriteriaId": "9416A79E-C8A7-4027-B2D5-70C2523EDDA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.24.0:*:*:*:*:*:*:*", "matchCriteriaId": "226369BB-7875-4F49-AF96-B6B358ED5EF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.24.1:*:*:*:*:*:*:*", "matchCriteriaId": "2448981A-3CEE-432B-87C4-646E3D782F2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:poppler:0.24.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C88AC80-9F18-4E16-B5FD-C17CB71EF645", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted PDF file."}, {"lang": "es", "value": "El m\u00e9todo JBIG2Stream :: readSegments en JBIG2Stream.cc en Poppler antes de 0.24.5 no utiliza el especificador correcto dentro de una cadena de formato, que permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo PDF manipulado."}], "id": "CVE-2013-7296", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-26T01:55:13.423", "references": [{"source": "cve@mitre.org", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=58e04a08afee39370283c494ee2e4e392fd3b684"}, {"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125710.html"}, {"source": "cve@mitre.org", "url": "http://seclists.org/oss-sec/2014/q1/105"}, {"source": "cve@mitre.org", "url": "http://seclists.org/oss-sec/2014/q1/97"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/56567"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/56776"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-201401-21.xml"}, {"source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048199"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90552"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=58e04a08afee39370283c494ee2e4e392fd3b684"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125710.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/oss-sec/2014/q1/105"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/oss-sec/2014/q1/97"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/56567"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/56776"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201401-21.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048199"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90552"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "poppler: DoS due to a format string error", "id": "1048199", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048199"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "draft"}, "details": ["The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted PDF file."], "name": "CVE-2013-7296", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "poppler", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "poppler", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "poppler", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2013-12-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-7296\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-7296"], "statement": "Not Vulnerable. This issue does not affect the version of poppler as shipped with Red Hat Enterprise Linux 5 and 6.", "threat_severity": "Moderate"}