libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3.
References
Link | Resource |
---|---|
https://blogs.gentoo.org/ago/2017/05/21/qpdf-three-infinite-loop-in-libqpdf/ | Third Party Advisory |
https://usn.ubuntu.com/3638-1/ | Third Party Advisory |
Information
Published : 2017-05-22 21:29
Updated : 2019-10-02 17:03
NVD link : CVE-2017-9210
Mitre link : CVE-2017-9210
JSON object : View
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
Products Affected
qpdf_project
- qpdf
canonical
- ubuntu_linux