Oval Definition:
oval:com.ubuntu.cosmic:def:201816368000
Revision Date
:
2018-09-02
Version
:
1
Title
:
CVE-2018-16368 on Ubuntu 18.10 (cosmic) - medium.
Description
:
SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2018-16368
Platform(s)
:
Ubuntu 18.10
Product(s)
:
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed.
AND
Package Information
The vulnerability of the 'ipe' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation.
OR
The vulnerability of the 'libextractor' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation.
OR
NOT
While related to the CVE in some way, the 'poppler' package in cosmic is not affected.
OR
The vulnerability of the 'xpdf' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation.
BACK