NULL Pointer Dereference Vulnerability in FoFiTrueType::getCFFBlock Function in Poppler 0.59.0
CVE-2017-14977 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack.
Learn more about our Web Application Penetration Testing UK.