1
Candidate: CVE-2018-8107
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8107
5
https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
6
https://forum.xpdfreader.com/viewtopic.php?f=3&t=652
8
The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers
9
to launch denial of service (heap-based buffer over-read and application
10
crash) via a specific pdf file, as demonstrated by pdftohtml.
13
jdstrand> xpdf in koffice is 2.0
14
mdeslaur> can't reproduce with poppler
21
upstream_xpdf: needs-triage
23
trusty_xpdf: needs-triage
24
xenial_xpdf: needs-triage
25
artful_xpdf: needs-triage
26
bionic_xpdf: needs-triage
27
devel_xpdf: needs-triage
30
upstream_poppler: needs-triage
31
precise/esm_poppler: DNE
32
trusty_poppler: not-affected (0.24.5-2ubuntu4.9)
33
xenial_poppler: not-affected (0.41.0-0ubuntu1.6)
34
artful_poppler: not-affected (0.57.0-2ubuntu4.2)
35
bionic_poppler: not-affected (0.62.0-1ubuntu1)
36
devel_poppler: not-affected (0.62.0-1ubuntu1)
39
upstream_libextractor:
40
precise/esm_libextractor: DNE
41
trusty_libextractor: needs-triage
42
xenial_libextractor: needs-triage
43
artful_libextractor: needs-triage
44
bionic_libextractor: needs-triage
45
devel_libextractor: needs-triage
48
upstream_ipe: needs-triage
50
trusty_ipe: needs-triage
51
xenial_ipe: needs-triage
52
artful_ipe: needs-triage
53
bionic_ipe: needs-triage
54
devel_ipe: needs-triage