← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to retired/CVE-2013-1789

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
retired/CVE-2013-1789
1
 
PublicDateAtUSN: 2013-02-28
2
 
Candidate: CVE-2013-1789
3
 
PublicDate: 2013-04-09
4
 
References:
5
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1789
6
 
 http://www.openwall.com/lists/oss-security/2013/02/28/4
7
 
 http://www.openwall.com/lists/oss-security/2013/02/28/8
8
 
 http://j00ru.vexillium.org/?p=1507
9
 
 https://usn.ubuntu.com/usn/usn-1785-1
10
 
Description:
11
 
 splash/Splash.cc in poppler before 0.22.1 allows context-dependent
12
 
 attackers to cause a denial of service (NULL pointer dereference and crash)
13
 
 via vectors related to the (1) Splash::arbitraryTransformMask, (2)
14
 
 Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.
15
 
Ubuntu-Description:
16
 
Notes:
17
 
 mdeslaur> reproducers: 1031.pdf.asan.48.15, 1007.pdf.asan.48.4
18
 
Bugs:
19
 
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071
20
 
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1789
21
 
Priority: low
22
 
Discovered-by:
23
 
Assigned-to: mdeslaur
24
 
 
25
 
Patches_poppler:
26
 
 upstream: http://cgit.freedesktop.org/poppler/poppler/commit/?id=a205e71a2dbe0c8d4f4905a76a3f79ec522eacec
27
 
 upstream: http://cgit.freedesktop.org/poppler/poppler/commit/?id=a9b8ab4657dec65b8b86c225d12c533ad7e984e2
28
 
upstream_poppler: released (0.22.1)
29
 
hardy_poppler: ignored (reached end-of-life)
30
 
lucid_poppler: released (0.12.4-0ubuntu5.3)
31
 
oneiric_poppler: released (0.16.7-2ubuntu2.1)
32
 
precise_poppler: released (0.18.4-1ubuntu3.1)
33
 
quantal_poppler: released (0.20.4-0ubuntu1.2)
34
 
devel_poppler: released (0.20.5-1ubuntu3)