Test ID:	1.3.6.1.4.1.25623.1.1.10.2017.0360
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2017-0360)
Summary:	The remote host is missing an update for the 'poppler' package(s) announced via the MGASA-2017-0360 advisory.
Description:	Summary: The remote host is missing an update for the 'poppler' package(s) announced via the MGASA-2017-0360 advisory. Vulnerability Insight: In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document. (CVE-2017-14517) In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop). (CVE-2017-14519) In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files. (CVE-2017-14520) Affected Software/OS: 'poppler' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-14517 BugTraq ID: 105050 http://www.securityfocus.com/bid/105050 Debian Security Information: DSA-4079 (Google Search) https://www.debian.org/security/2018/dsa-4079 Common Vulnerability Exposure (CVE) ID: CVE-2017-14519 Common Vulnerability Exposure (CVE) ID: CVE-2017-14520
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.