Oval Definition:
oval:com.ubuntu.cosmic:def:201818454000
Revision Date
:
2018-10-18
Version
:
1
Title
:
CVE-2018-18454 on Ubuntu 18.10 (cosmic) - medium.
Description
:
CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2018-18454
Platform(s)
:
Ubuntu 18.10
Product(s)
:
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed.
AND
Package Information
The vulnerability of the 'ipe' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation.
OR
The vulnerability of the 'libextractor' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation.
OR
NOT
While related to the CVE in some way, the 'poppler' package in cosmic is not affected.
OR
The vulnerability of the 'xpdf' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation.
BACK