libpoppler in poppler version 0.60.1 is vulnerable to an invalid read and subsequent crash when parsing a specially crafted PDF. The invalid read is caused by incorrect boundary validation in TextOutputDev.cc:TextPool::addWord(), leading to overflow in subsequent calculations. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000456 http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000456.html http://www.cvedetails.com/cve/CVE-2017-1000456/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456 https://bugs.freedesktop.org/show_bug.cgi?id=103116 https://bugs.freedesktop.org/attachment.cgi?id=134691
Created poppler tracking bugs for this issue: Affects: fedora-all [bug 1531383]
Analysis: This is really an OOB read when trying to render specially-crafted text in a PDF file. No remote code execution.