CVE Vulnerabilities

CVE-2009-3605

Published: Nov 02, 2009 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
5.8 MODERATE
AV:A/AC:L/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.

Affected Software

Name Vendor Start Version End Version
Poppler Poppler * 0.10.5 (including)
Poppler Poppler 0.1 (including) 0.1 (including)
Poppler Poppler 0.1.1 (including) 0.1.1 (including)
Poppler Poppler 0.1.2 (including) 0.1.2 (including)
Poppler Poppler 0.2.0 (including) 0.2.0 (including)
Poppler Poppler 0.3.0 (including) 0.3.0 (including)
Poppler Poppler 0.3.1 (including) 0.3.1 (including)
Poppler Poppler 0.3.2 (including) 0.3.2 (including)
Poppler Poppler 0.3.3 (including) 0.3.3 (including)
Poppler Poppler 0.4.0 (including) 0.4.0 (including)
Poppler Poppler 0.4.1 (including) 0.4.1 (including)
Poppler Poppler 0.4.2 (including) 0.4.2 (including)
Poppler Poppler 0.4.3 (including) 0.4.3 (including)
Poppler Poppler 0.4.4 (including) 0.4.4 (including)
Poppler Poppler 0.5.0 (including) 0.5.0 (including)
Poppler Poppler 0.5.1 (including) 0.5.1 (including)
Poppler Poppler 0.5.2 (including) 0.5.2 (including)
Poppler Poppler 0.5.3 (including) 0.5.3 (including)
Poppler Poppler 0.5.4 (including) 0.5.4 (including)
Poppler Poppler 0.5.9 (including) 0.5.9 (including)
Poppler Poppler 0.5.90 (including) 0.5.90 (including)
Poppler Poppler 0.5.91 (including) 0.5.91 (including)
Poppler Poppler 0.6.0 (including) 0.6.0 (including)
Poppler Poppler 0.6.1 (including) 0.6.1 (including)
Poppler Poppler 0.6.2 (including) 0.6.2 (including)
Poppler Poppler 0.6.3 (including) 0.6.3 (including)
Poppler Poppler 0.6.4 (including) 0.6.4 (including)
Poppler Poppler 0.7.0 (including) 0.7.0 (including)
Poppler Poppler 0.7.1 (including) 0.7.1 (including)
Poppler Poppler 0.7.2 (including) 0.7.2 (including)
Poppler Poppler 0.7.3 (including) 0.7.3 (including)
Poppler Poppler 0.8.0 (including) 0.8.0 (including)
Poppler Poppler 0.8.1 (including) 0.8.1 (including)
Poppler Poppler 0.8.2 (including) 0.8.2 (including)
Poppler Poppler 0.8.3 (including) 0.8.3 (including)
Poppler Poppler 0.8.4 (including) 0.8.4 (including)
Poppler Poppler 0.8.5 (including) 0.8.5 (including)
Poppler Poppler 0.8.6 (including) 0.8.6 (including)
Poppler Poppler 0.8.7 (including) 0.8.7 (including)
Poppler Poppler 0.9.0 (including) 0.9.0 (including)
Poppler Poppler 0.9.1 (including) 0.9.1 (including)
Poppler Poppler 0.9.2 (including) 0.9.2 (including)
Poppler Poppler 0.9.3 (including) 0.9.3 (including)
Poppler Poppler 0.10.0 (including) 0.10.0 (including)
Poppler Poppler 0.10.1 (including) 0.10.1 (including)
Poppler Poppler 0.10.2 (including) 0.10.2 (including)
Poppler Poppler 0.10.3 (including) 0.10.3 (including)
Poppler Poppler 0.10.4 (including) 0.10.4 (including)
Poppler Ubuntu dapper *
Poppler Ubuntu hardy *
Poppler Ubuntu intrepid *
Poppler Ubuntu jaunty *

References