vulnerability
Arch Linux: Arbitrary code execution (CVE-2017-9775)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Jun 22, 2017 | Jul 11, 2025 | Nov 27, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jun 22, 2017
Added
Jul 11, 2025
Modified
Nov 27, 2025
Description
A stack buffer overflow in has been found in GfxState.cc's module of poppler. Due to some restrictions in the lines after the bug, an attacker can't control the values written in the stack so it unlikely this could lead to a code execution.
Solution
arch-linux-upgrade-latest
References
- CVE-2017-9775
- https://attackerkb.com/topics/CVE-2017-9775
- URL-http://www.securityfocus.com/bid/99241
- URL-https://access.redhat.com/errata/RHSA-2017:2551
- URL-https://bugs.freedesktop.org/show_bug.cgi?id=101540
- URL-https://bugs.freedesktop.org/show_bug.cgi?id=101541
- URL-https://security.archlinux.org/ASA-201706-33
- URL-https://www.debian.org/security/2018/dsa-4079
- CWE-119
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.