
CVE-2019-9903 : Security Advisory and Response

Learn about CVE-2019-9903 affecting Poppler 0.74.0. Understand the vulnerability, its impact, affected systems, exploitation, and mitigation steps to secure your systems.

Poppler 0.74.0 mishandles dict marking in PDFDoc::markObject(), leading to stack consumption in Dict::find(). An attacker can exploit this by providing a crafted PDF file to pdfunite.

Understanding CVE-2019-9903

In Poppler 0.74.0, a vulnerability exists due to mishandling of dict marking, resulting in stack consumption and potential exploitation by a specially crafted PDF file.

What is CVE-2019-9903?

Poppler 0.74.0's PDFDoc::markObject() function incorrectly handles dict marking, causing stack consumption in Dict::find(). This flaw allows attackers to trigger the issue by using a malicious PDF file.

The Impact of CVE-2019-9903

The vulnerability in Poppler 0.74.0 can lead to a stack-based buffer overflow, enabling attackers to execute arbitrary code by enticing a user to open a malicious PDF file.

Technical Details of CVE-2019-9903

Details of the Poppler 0.74.0 vulnerability, the affected component, and how it is triggered.

Vulnerability Description

- Found in PDFDoc::markObject() in Poppler 0.74.0
- Mishandles dict marking, leading to stack consumption in Dict::find()
- Exploitable by providing a crafted PDF file to pdfunite

Affected Systems and Versions

- Product: Poppler
- Version: 0.74.0

Exploitation Mechanism

- Attacker provides a specially crafted PDF file to the pdfunite binary
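The advisory describes the defect as dict marking that consumes the stack: the marking pass descends through dictionary references, and when a reference chain loops back on itself there is no base case to stop the recursion. The following added example (not Poppler's code and not its upstream patch) models that failure and the defensive pattern against it on a constructed, two-object PDF object table with a mutual /Kids and /Parent reference. The naive marker uses a depth cap only so the example can run; in real code the cap is the thread's stack. The hardened marker marks an object before descending and skips anything already marked, so its work is bounded by the number of objects regardless of how the references are arranged.

```cpp
#include <cstddef>
#include <iostream>
#include <map>
#include <string>
#include <utility>
#include <vector>

// Constructed stand-in for a PDF object table: each object is a dictionary
// whose entries are indirect references (object numbers) to other objects.
struct Obj {
    std::map<std::string, int> dict;  // key -> object number of referenced object
    bool marked = false;
};
using ObjTable = std::vector<Obj>;

// Vulnerable pattern (illustrative, not Poppler's code): descend into every
// referenced dictionary first and mark the object only afterwards. On a cyclic
// reference chain the recursion never reaches a base case. The depth cap stands
// in for the real thread stack so the example terminates; returning false means
// unmodified code would have exhausted the stack.
bool markNaive(ObjTable& table, int num, std::size_t depth, std::size_t cap) {
    if (num < 0 || static_cast<std::size_t>(num) >= table.size()) return true;  // dangling ref: ignore
    if (depth > cap) return false;  // real code: stack overflow here
    for (const auto& kv : table[num].dict) {
        if (!markNaive(table, kv.second, depth + 1, cap)) return false;
    }
    table[num].marked = true;
    return true;
}

// Hardened pattern: mark before descending and skip already-marked objects.
// Each object is entered at most once, so recursion depth and total work are
// bounded by the table size whatever cycles the file contains.
// Returns the number of objects newly marked.
std::size_t markSafe(ObjTable& table, int num) {
    if (num < 0 || static_cast<std::size_t>(num) >= table.size()) return 0;
    Obj& obj = table[num];
    if (obj.marked) return 0;
    obj.marked = true;
    std::size_t count = 1;
    for (const auto& kv : obj.dict) count += markSafe(table, kv.second);
    return count;
}

// Constructed object graph: obj 0 -> obj 1 via /Kids, obj 1 -> obj 0 via
// /Parent, the kind of mutual reference a page tree legitimately contains.
ObjTable buildCyclicTable() {
    ObjTable t(2);
    t[0].dict["Kids"] = 1;
    t[1].dict["Parent"] = 0;
    return t;
}

// Runs both markers over fresh copies of the cyclic table.
// Returns {naive marker finished without hitting the cap, objects marked by the safe marker}.
std::pair<bool, std::size_t> demo() {
    ObjTable naiveTable = buildCyclicTable();
    bool naiveFinished = markNaive(naiveTable, 0, 0, 10000);
    ObjTable safeTable = buildCyclicTable();
    std::size_t safeCount = markSafe(safeTable, 0);
    return {naiveFinished, safeCount};
}

int main() {
    auto result = demo();
    std::cout << "naive marker finished: " << (result.first ? "yes" : "no (stack would be exhausted)") << "\n";
    std::cout << "safe marker marked " << result.second << " objects\n";
    return 0;
}
```

The same check (marked before recursing, skip if already marked) is the standard guard for any traversal of attacker-controlled graph-shaped data, whether PDF object trees, JSON references or archive directory entries; the cyclic table here is the smallest input that distinguishes the two implementations.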

Mitigation and Prevention

Protect systems from CVE-2019-9903.

Immediate Steps to Take

- Update Poppler to a non-vulnerable version
- Avoid opening PDF files from untrusted sources

Long-Term Security Practices

- Regularly update software and apply security patches
- Implement network and endpoint security measures

Patching and Updates

- Check for security advisories from Poppler and apply patches promptly
