THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-6239

Poppler: pdfinfo: crash in broken documents when using -dests parameter

Assigner:redhat
Reserved:2024-06-21
Published:2024-06-21
Updated:2024-06-24

Description

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.



MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Problem types

Improper Input Validation

Product status

Default status
unknown

Default status
unknown

Default status
unknown

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Timeline

2024-06-20:Reported to Red Hat.
2024-06-06:Made public.

References

https://access.redhat.com/security/cve/CVE-2024-6239 vdb-entry

https://bugzilla.redhat.com/show_bug.cgi?id=2293594 (RHBZ#2293594) issue-tracking

cve.org CVE-2024-6239

nvd.nist.gov CVE-2024-6239

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-6239
Find us on
Data Privacy
Terms of Use
Logo Silicon Valley Europe
Logo BSI Allianz für Cyber-Sicherheit