Description
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
References (5)
Core 5
Core References
Exploit, Patch x_refsource_confirm
http://cgit.freedesktop.org/poppler/poppler/commit/poppler/DCTStream.cc?id=fc071d800cb4329a3ccf898d7bf16b4db7323ad8
Various Sources mailing-list
x_refsource_mlist
http://comments.gmane.org/gmane.comp.security.oss.general/11132
Various Sources vendor-advisory
x_refsource_suse
https://www.suse.com/support/update/announcement/2014/suse-su-20140817-1.html
Various Sources x_refsource_confirm
https://bugs.freedesktop.org/show_bug.cgi?id=26280
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/59857
Scores
EPSS
0.0298
EPSS Percentile
85.7%
Details
CWE
CWE-20
Status
published
Products (3)
freedesktop/poppler
0.13.0
freedesktop/poppler
0.13.1
freedesktop/poppler
< 0.13.2
Published
Aug 29, 2014
Tracked Since
Feb 18, 2026