CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-8868

Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.5%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 9.3

References

Products affected by CVE-2015-8868

Freedesktop » Poppler » Version: 0.39.0

cpe:2.3:a:freedesktop:poppler:0.39.0
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 15.10

cpe:2.3:o:canonical:ubuntu_linux:15.10
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Fedoraproject » Fedora » Version: 23

cpe:2.3:o:fedoraproject:fedora:23

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-8868

Products

Pricing

Contact Us