← back
CVE-2012-2142

CVE-2012-2142

EPSS 2.9%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.9%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
09 Jan 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
Affected products
poppler · poppler

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90fhttp://lists.opensuse.org/opensuse-updates/2013-08/msg00049.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=789936http://www.openwall.com/lists/oss-security/2013/08/09/5http://www.openwall.com/lists/oss-security/2013/08/09/6