2009-04-23 21:30:00 2018-10-10 21:34:43

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
Poppler Poppler 0.10.5 (not an official CPE) Poppler Poppler 0.10.4 (not an official CPE) Poppler Poppler 0.10.3 (not an official CPE) Poppler Poppler 0.10.2 (not an official CPE) Poppler Poppler 0.10.1 (not an official CPE) Poppler Poppler 0.10.0 (not an official CPE) Poppler Poppler 0.9.3 (not an official CPE) Poppler Poppler 0.9.2 (not an official CPE) Poppler Poppler 0.9.1 (not an official CPE) Poppler Poppler 0.9.0 (not an official CPE) Poppler Poppler 0.8.7 (not an official CPE) Poppler Poppler 0.8.6 (not an official CPE) Poppler Poppler 0.8.5 (not an official CPE) Poppler Poppler 0.8.4 (not an official CPE) Poppler Poppler 0.8.3 (not an official CPE) Poppler Poppler 0.8.2 (not an official CPE) Poppler Poppler 0.8.1 (not an official CPE) Poppler Poppler 0.8.0 (not an official CPE) Poppler Poppler 0.7.3 (not an official CPE) Poppler Poppler 0.7.2 (not an official CPE) Poppler Poppler 0.7.1 (not an official CPE) Poppler Poppler 0.7.0 (not an official CPE) Poppler Poppler 0.6.4 (not an official CPE) Poppler Poppler 0.6.3 (not an official CPE) Poppler Poppler 0.6.2 (not an official CPE) Poppler Poppler 0.6.1 (not an official CPE) Poppler Poppler 0.6.0 (not an official CPE) Poppler Poppler 0.5.91 (not an official CPE) Poppler Poppler 0.5.90 (not an official CPE) Poppler Poppler 0.5.9 (not an official CPE) Poppler Poppler 0.5.4 (not an official CPE) Poppler Poppler 0.5.3 (not an official CPE) Poppler Poppler 0.5.2 (not an official CPE) Poppler Poppler 0.5.1 (not an official CPE) Poppler Poppler 0.5.0 (not an official CPE) Poppler Poppler 0.4.4 (not an official CPE) Poppler Poppler 0.4.3 (not an official CPE) Poppler Poppler 0.4.2 (not an official CPE) Poppler Poppler 0.4.1 (not an official CPE) Poppler Poppler 0.4.0 (not an official CPE) Poppler Poppler 0.3.3 (not an official CPE) Poppler Poppler 0.3.2 (not an official CPE) Poppler Poppler 0.3.1 (not an official CPE) Poppler Poppler 0.3.0 (not an official CPE) Poppler Poppler 0.2.0 (not an official CPE) Poppler Poppler 0.1.2 (not an official CPE) Poppler Poppler 0.1.1 (not an official CPE) Poppler Poppler 0.1 (not an official CPE)