CVE Vulnerabilities

CVE-2018-18457

NULL Pointer Dereference

Published: Oct 18, 2018 | Modified: Nov 30, 2018
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
NEGLIGIBLE

The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Xpdf Xpdfreader 4.00 (including) 4.00 (including)
Ipe Ubuntu bionic *
Ipe Ubuntu cosmic *
Ipe Ubuntu disco *
Ipe Ubuntu eoan *
Ipe Ubuntu groovy *
Ipe Ubuntu hirsute *
Ipe Ubuntu impish *
Ipe Ubuntu kinetic *
Ipe Ubuntu lunar *
Ipe Ubuntu mantic *
Ipe Ubuntu trusty *
Ipe Ubuntu xenial *
Libextractor Ubuntu cosmic *
Libextractor Ubuntu disco *
Libextractor Ubuntu eoan *
Libextractor Ubuntu groovy *
Libextractor Ubuntu hirsute *
Libextractor Ubuntu impish *
Libextractor Ubuntu trusty *
Libextractor Ubuntu xenial *
Xpdf Ubuntu bionic *
Xpdf Ubuntu cosmic *
Xpdf Ubuntu devel *
Xpdf Ubuntu disco *
Xpdf Ubuntu eoan *
Xpdf Ubuntu esm-apps/bionic *
Xpdf Ubuntu esm-apps/jammy *
Xpdf Ubuntu esm-apps/noble *
Xpdf Ubuntu esm-apps/xenial *
Xpdf Ubuntu hirsute *
Xpdf Ubuntu impish *
Xpdf Ubuntu jammy *
Xpdf Ubuntu kinetic *
Xpdf Ubuntu lunar *
Xpdf Ubuntu mantic *
Xpdf Ubuntu noble *
Xpdf Ubuntu oracular *
Xpdf Ubuntu trusty *
Xpdf Ubuntu xenial *

Potential Mitigations

References