Search for vulnerabilities
Vulnerability details: VCID-knd1-6qrt-aaan
Vulnerability ID VCID-knd1-6qrt-aaan
Aliases CVE-2013-1790
Summary poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.
Status Published
Exploitability 0.5
Weighted Severity 6.1
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01305 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01682 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01682 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01682 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.01682 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.02786 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
epss 0.06598 https://api.first.org/data/v1/epss?cve=CVE-2013-1790
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2013-1790
Reference id Reference type URL
http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=b1026b5978c385328f2a15a2185c599a563edf91
http://j00ru.vexillium.org/?p=1507
http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1790.json
https://api.first.org/data/v1/epss?cve=CVE-2013-1790
https://bugzilla.redhat.com/show_bug.cgi?id=917111
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790
http://secunia.com/advisories/52846
http://ubuntu.com/usn/usn-1785-1
http://www.debian.org/security/2013/dsa-2719
http://www.mandriva.com/security/advisories?name=MDVSA-2013:143
http://www.openwall.com/lists/oss-security/2013/02/28/4
http://www.openwall.com/lists/oss-security/2013/02/28/8
702071 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071
cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*
CVE-2013-1790 https://nvd.nist.gov/vuln/detail/CVE-2013-1790
GLSA-201310-03 https://security.gentoo.org/glsa/201310-03
USN-1785-1 https://usn.ubuntu.com/1785-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2013-1790
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.86302
EPSS Score 0.01305
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.