Memory Corruption Vulnerability in Poppler 0.59.0 via Object::dictLookup()

Memory Corruption Vulnerability in Poppler 0.59.0 via Object::dictLookup()

CVE-2017-14929 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vulnerability than CVE-2017-14519.

Learn more about our Web Application Penetration Testing UK.