Bug 1545278 (CVE-2017-18184)
| Summary: | CVE-2017-18184 qpdf: out-of-bounds read in iterate_rc4 in QPDF_encryption.cc | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Laura Pardo <lpardo> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | jpopelka, twaugh, zdohnal |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | qpdf 7.1.1 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A stack-based out-of-bounds read flaw was found in the way QPDF parsed PDF files. An attacker could potentially use this flaw to crash QPDF, under certain conditions, by tricking it into processing crafted QPDF files.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-06-08 03:40:01 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1554698, 1554700 | ||
| Bug Blocks: | 1545293 | ||
|
Description
Laura Pardo
2018-02-14 14:23:07 UTC
|