Denial of Service and Arbitrary Code Execution Vulnerability in Poppler

Denial of Service and Arbitrary Code Execution Vulnerability in Poppler

CVE-2013-1788 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.

Learn more about our Web Application Penetration Testing UK.