製品・ソフトウェアに関する情報

JVN脆弱性詳細

poppler における NULL ポインタデリファレンスの脆弱性

タイトル	poppler における NULL ポインタデリファレンスの脆弱性
概要	poppler には、NULL ポインタデリファレンスの脆弱性が存在します。
想定される影響	巧妙に細工されたドキュメントによって誘発された pdfunite を介して、NULL ポインタデリファレンスを引き起こされる可能性があります。
対策	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2017年5月26日0:00
登録日	2017年6月30日16:58
最終更新日	2017年6月30日16:58

CVSS3.0 : 警告
スコア	5.5
ベクター	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS2.0 : 警告
スコア	4.3
ベクター	AV:N/AC:M/Au:N/C:N/I:N/A:P

影響を受けるシステム

freedesktop.org

Poppler

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2017-7511	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511
National Vulnerability Database (NVD)
2	CVE-2017-7511	https://nvd.nist.gov/vuln/detail/CVE-2017-7511

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-476	http://cwe.mitre.org/data/definitions/476.html

ベンダー情報

No	名前	URL
freedesktop.org
1	pdfunite: Fix crash with broken documents	https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a

変更履歴

No	変更内容	変更日
0	[2017年06月30日] 掲載	2018年2月17日10:37

NVD脆弱性情報

CVE-2017-7511

概要	poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.
公表日	2017年5月31日3:29
登録日	2021年1月26日13:28
最終更新日	2024年11月21日12:32

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:freedesktop:poppler:0.44.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.28.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.31.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.23.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.50.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.21.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.5:::::::*
cpe:2.3:a:freedesktop:poppler:0.18.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.5:::::::*
cpe:2.3:a:freedesktop:poppler:0.25.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.48.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.51.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.17.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.53.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.34.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.25.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.39.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.37.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.18.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.19.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.19.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.32.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.21.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.55.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.45.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.42.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.19.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.29.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.23.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.28.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.17.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.18.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.19.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.25.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.21.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.33.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.21.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.35.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.41.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.23.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.54.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.23.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.18.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.19.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.43.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.5:::::::*
cpe:2.3:a:freedesktop:poppler:0.38.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.5:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.40.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.23.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.21.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.52.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.49.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.46.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.47.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.36.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.18.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.25.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.30.0:::::::*

構成1	以上	以下	より上	未満
cpe:2.3:a:freedesktop:poppler:0.44.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.28.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.31.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.23.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.50.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.21.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.5:::::::*
cpe:2.3:a:freedesktop:poppler:0.18.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.5:::::::*
cpe:2.3:a:freedesktop:poppler:0.25.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.48.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.51.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.17.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.53.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.34.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.25.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.39.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.37.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.18.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.19.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.19.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.32.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.21.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.55.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.45.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.42.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.19.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.29.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.23.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.28.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.17.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.26.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.18.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.19.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.25.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.21.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.33.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.21.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.35.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.41.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.23.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.54.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.23.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.18.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.19.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.43.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.5:::::::*
cpe:2.3:a:freedesktop:poppler:0.38.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.5:::::::*
cpe:2.3:a:freedesktop:poppler:0.22.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.20.4:::::::*
cpe:2.3:a:freedesktop:poppler:0.40.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.23.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.21.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.52.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.49.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.46.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.47.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.36.0:::::::*
cpe:2.3:a:freedesktop:poppler:0.18.3:::::::*
cpe:2.3:a:freedesktop:poppler:0.24.2:::::::*
cpe:2.3:a:freedesktop:poppler:0.25.1:::::::*
cpe:2.3:a:freedesktop:poppler:0.30.0:::::::*

No	URL	タグ
1	https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a	Patch Third Party Advisory
2	https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a	Patch Third Party Advisory
3	https://security.gentoo.org/glsa/201801-17
4	https://security.gentoo.org/glsa/201801-17