This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours

Bug 789936 (CVE-2012-2142)

Summary: CVE-2012-2142 poppler, xpdf: Insufficient sanitization of escape sequences in the error messages
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: amaris, mkasik, phill.wolf, security-response-team, tcallawa
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=low,public=20130809,reported=20120211,source=researcher,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:P/A:N,rhel-5/poppler=defer,rhel-6/poppler=defer,rhel-7/poppler=notaffected,fedora-all/poppler=affected,fedora-all/xpdf=affected,epel-all/xpdf=affected
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Bug Depends On: 995400, 995401, 995402, 1013943    
Bug Blocks: 789948    
Attachments:
Description Flags
Proposed poppler patch by Marek Kasik (against upstream poppler version) none

Description Jan Lieskovsky 2012-02-13 05:18:24 EST
An insufficient escape sequences sanitization flaw was found in the way xpdf, a PDF file viewer for the X window system, and poppler, a PDF rendering library, performed sanitization of certain characters to be displayed in the error messages, which arose during presentation of certain PDF files. A remote attacker could use this flaw to modify a window's title, or, possibly execute arbitrary commands or overwrite files, via a specially-crafted PDF file containing an escape sequence for a terminal emulator if local, unsuspecting user opened such crafted PDF file in xpdf or in an application linked against poppler library (for example evince).
Comment 5 Jan Lieskovsky 2012-02-13 05:33:07 EST
This issue affects the versions of the poppler package, as shipped with Red Hat Enterprise Linux 5 and 6.

--

This issue affects the versions of the poppler package, as shipped with Fedora release of 18 and 19.

--

This issue affects the versions of the xpdf package, as shipped with Fedora EPEL 5 and Fedora EPEL 6.

--

This issue affects the versions of the poppler package, as shipped with Fedora release of 18 and 19.
Comment 22 Jan Lieskovsky 2012-04-26 11:53:45 EDT
The CVE identifier of CVE-2012-2142 has been assigned to this issue.
Comment 24 Jan Lieskovsky 2012-04-27 09:20:52 EDT
Acknowledgements:

Red Hat would like to thank Phillips Wolf for reporting this issue.
Comment 25 Jan Lieskovsky 2013-08-09 04:41:01 EDT
Created attachment 784759 [details]
Proposed poppler patch by Marek Kasik (against upstream poppler version)
Comment 26 Jan Lieskovsky 2013-08-09 05:24:18 EDT
Created poppler tracking bugs for this issue:

Affects: fedora-all [bug 995400]
Comment 27 Jan Lieskovsky 2013-08-09 05:25:41 EDT
Created xpdf tracking bugs for this issue:

Affects: fedora-all [bug 995401]
Affects: epel-all [bug 995402]
Comment 28 Jan Lieskovsky 2013-08-09 05:34:02 EDT
Relevant poppler Git repository patch:
  http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40
Comment 29 Jan Lieskovsky 2013-08-11 08:26:15 EDT
(In reply to Jan Lieskovsky from comment #28)
> Relevant poppler Git repository patch:
>  
> http://cgit.freedesktop.org/poppler/poppler/commit/
> ?id=71bad47ed6a36d825b0d08992c8db56845c71e40

Poppler patch modified against xpdf-3.0.3:
(from http://www.openwall.com/lists/oss-security/2013/08/11/1):
  http://sourceforge.net/projects/miscellaneouspa/files/misc/xpdf-3.03-CVE-2012-2142.diff
Comment 30 Fedora Update System 2013-09-03 18:27:13 EDT
poppler-0.20.2-16.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 31 Fedora Update System 2013-09-30 22:05:45 EDT
xpdf-3.03-8.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 32 Fedora Update System 2013-09-30 22:07:38 EDT
xpdf-3.03-8.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 33 Fedora Update System 2013-09-30 22:11:11 EDT
xpdf-3.03-8.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 35 Huzaifa S. Sidhpurwala 2013-10-01 01:55:51 EDT
Statement:

This issue affects the version of poppler as shipped with Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
Comment 36 Fedora Update System 2013-10-08 16:37:16 EDT
xpdf-3.03-8.el5.1 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 37 Fedora Update System 2013-10-08 16:38:32 EDT
xpdf-3.03-8.el6.1 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.