Multiple vulnerabilities in Leptonica

Published: 2018-02-19 | Updated: 2018-03-20

Risk	High
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2018-7247 CVE-2018-7186
CWE-ID	CWE-120 CWE-121
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	Leptonica Universal components / Libraries / Libraries used by multiple products
Vendor	DanBloomberg

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU11176

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2018-7247

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.

The weakness exists in the pixHtmlViewer function due to buffer overflow. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update to version 1.75.3.

Vulnerable software versions

Leptonica: 1.0 - 1.75.2

CPE2.3

External links

https://github.com/DanBloomberg/leptonica/commit/c1079bb8e77cdd426759e466729917ca37a3ed9f

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Stack-based buffer overflow

EUVDB-ID: #VU11175

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-7186

CWE-ID: CWE-121 - Stack-based buffer overflow