NULL Pointer Dereference Vulnerability in FoFiType1C::convertToType0 Function in Poppler 0.59.0

CVE-2017-14975 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack.

Learn more about our Web Application Penetration Testing UK.