CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-2820

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.2%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

http://www.securityfocus.com/bid/99497
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321
http://www.securityfocus.com/bid/99497
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321

Products affected by CVE-2017-2820

Freedesktop » Poppler » Version: 0.53.0

cpe:2.3:a:freedesktop:poppler:0.53.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-2820

Products

Pricing

Contact Us