CVE-2009-3604

The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.

Affected Software

Name	Vendor	Start Version	End Version
Gpdf	Gnome	*	*
Kpdf	Kde	*	*
Red Hat Enterprise Linux 3	RedHat	xpdf-1:2.02-17.el3	*
Red Hat Enterprise Linux 4	RedHat	xpdf-1:3.00-22.el4_8.1	*
Red Hat Enterprise Linux 4	RedHat	gpdf-0:2.8.2-7.7.2.el4_8.5	*
Red Hat Enterprise Linux 4	RedHat	kdegraphics-7:3.3.1-15.el4_8.2	*
Red Hat Enterprise Linux 5	RedHat	poppler-0:0.5.4-4.4.el5_3.9	*
Red Hat Enterprise Linux 5	RedHat	kdegraphics-7:3.5.4-15.el5_4.2	*
Gpdf	Ubuntu	dapper	*
Ipe	Ubuntu	artful	*
Ipe	Ubuntu	bionic	*
Ipe	Ubuntu	cosmic	*
Ipe	Ubuntu	dapper	*
Ipe	Ubuntu	disco	*
Ipe	Ubuntu	eoan	*
Ipe	Ubuntu	groovy	*
Ipe	Ubuntu	hardy	*
Ipe	Ubuntu	hirsute	*
Ipe	Ubuntu	impish	*
Ipe	Ubuntu	intrepid	*
Ipe	Ubuntu	jaunty	*
Ipe	Ubuntu	karmic	*
Ipe	Ubuntu	kinetic	*
Ipe	Ubuntu	lucid	*
Ipe	Ubuntu	lunar	*
Ipe	Ubuntu	mantic	*
Ipe	Ubuntu	maverick	*
Ipe	Ubuntu	natty	*
Ipe	Ubuntu	oneiric	*
Ipe	Ubuntu	precise	*
Ipe	Ubuntu	quantal	*
Ipe	Ubuntu	raring	*
Ipe	Ubuntu	saucy	*
Ipe	Ubuntu	trusty	*
Ipe	Ubuntu	utopic	*
Ipe	Ubuntu	vivid	*
Ipe	Ubuntu	wily	*
Ipe	Ubuntu	xenial	*
Ipe	Ubuntu	yakkety	*
Ipe	Ubuntu	zesty	*
Koffice	Ubuntu	dapper	*
Libextractor	Ubuntu	artful	*
Libextractor	Ubuntu	cosmic	*
Libextractor	Ubuntu	dapper	*
Libextractor	Ubuntu	disco	*
Libextractor	Ubuntu	eoan	*
Libextractor	Ubuntu	groovy	*
Libextractor	Ubuntu	hardy	*
Libextractor	Ubuntu	hirsute	*
Libextractor	Ubuntu	impish	*
Libextractor	Ubuntu	intrepid	*
Libextractor	Ubuntu	jaunty	*
Libextractor	Ubuntu	karmic	*
Libextractor	Ubuntu	lucid	*
Libextractor	Ubuntu	maverick	*
Libextractor	Ubuntu	natty	*
Libextractor	Ubuntu	oneiric	*
Libextractor	Ubuntu	precise	*
Libextractor	Ubuntu	quantal	*
Libextractor	Ubuntu	raring	*
Libextractor	Ubuntu	saucy	*
Libextractor	Ubuntu	trusty	*
Libextractor	Ubuntu	utopic	*
Libextractor	Ubuntu	vivid	*
Libextractor	Ubuntu	wily	*
Libextractor	Ubuntu	xenial	*
Libextractor	Ubuntu	yakkety	*
Libextractor	Ubuntu	zesty	*
Pdfkit.framework	Ubuntu	dapper	*
Pdftohtml	Ubuntu	dapper	*
Poppler	Ubuntu	artful	*
Poppler	Ubuntu	bionic	*
Poppler	Ubuntu	cosmic	*
Poppler	Ubuntu	dapper	*
Poppler	Ubuntu	devel	*
Poppler	Ubuntu	disco	*
Poppler	Ubuntu	eoan	*
Poppler	Ubuntu	focal	*
Poppler	Ubuntu	groovy	*
Poppler	Ubuntu	hardy	*
Poppler	Ubuntu	hirsute	*
Poppler	Ubuntu	impish	*
Poppler	Ubuntu	intrepid	*
Poppler	Ubuntu	jammy	*
Poppler	Ubuntu	jaunty	*
Poppler	Ubuntu	karmic	*
Poppler	Ubuntu	kinetic	*
Poppler	Ubuntu	lucid	*
Poppler	Ubuntu	lunar	*
Poppler	Ubuntu	mantic	*
Poppler	Ubuntu	maverick	*
Poppler	Ubuntu	natty	*
Poppler	Ubuntu	noble	*
Poppler	Ubuntu	oneiric	*
Poppler	Ubuntu	oracular	*
Poppler	Ubuntu	precise	*
Poppler	Ubuntu	quantal	*
Poppler	Ubuntu	raring	*
Poppler	Ubuntu	saucy	*
Poppler	Ubuntu	trusty	*
Poppler	Ubuntu	utopic	*
Poppler	Ubuntu	vivid	*
Poppler	Ubuntu	vivid/stable-phone-overlay	*
Poppler	Ubuntu	wily	*
Poppler	Ubuntu	xenial	*
Poppler	Ubuntu	yakkety	*
Poppler	Ubuntu	zesty	*
Xpdf	Ubuntu	dapper	*
Xpdf	Ubuntu	hardy	*
Xpdf	Ubuntu	intrepid	*
Xpdf	Ubuntu	jaunty	*
Xpdf	Ubuntu	karmic	*
Xpdf	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-3604
CWE	https://cwe.mitre.org/data/definitions/399.html

Affected Software

References