Freedesktop Poppler 0.76.1 Remote Code Execution Vulnerability
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
The information has been provided by Freedesktop
The original article can be found at: https://gitlab.freedesktop.org/poppler/poppler/issues/768
Freedesktop Poppler is prone to a remote code-execution vulnerability.This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
- Freedesktop Poppler 0.76.1