CVE-2017-2820

Summary

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.

Affected Software

VendorProductVersion RangeStatus
PopplerPoppler0.53affected

Weaknesses

  • heap overflow

ADP Enrichment

CVE Program Container

Additional References

References