A flaw was found in Poppler 0.72.0. A reachable Object::getString assertion allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c.
Created mingw-poppler tracking bugs for this issue:
Affects: fedora-all [bug 1665261]
Created poppler tracking bugs for this issue:
Affects: fedora-all [bug 1665260]
Unable to reproduce this on Red Hat Enterprise Linux 5,6 or 7.
pdfdetach -save 1 poc1.pdf
Syntax Error: End of file inside dictionary
Syntax Warning: No valid XRef size in trailer
Syntax Error: Bad bounding box for annotation
Command Line Error: Invalid file number