CVE-2009-3605

2009-11-02 16:30:00 2017-09-19 03:29:41

Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL
Poppler Poppler 0.7.1 (not an official CPE) Poppler Poppler 0.6.2 (not an official CPE) Poppler Poppler 0.5.3 (not an official CPE) Poppler Poppler 0.4.4 (not an official CPE) Poppler Poppler 0.9.0 (not an official CPE) Poppler Poppler 0.8.1 (not an official CPE) Poppler Poppler 0.7.2 (not an official CPE) Poppler Poppler 0.6.3 (not an official CPE) Poppler Poppler 0.5.4 (not an official CPE) Poppler Poppler 0.9.1 (not an official CPE) Poppler Poppler 0.8.2 (not an official CPE) Poppler Poppler 0.7.3 (not an official CPE) Poppler Poppler 0.6.4 (not an official CPE) Poppler Poppler 0.9.2 (not an official CPE) Poppler Poppler 0.8.3 (not an official CPE) Poppler Poppler 0.2.0 (not an official CPE) Poppler Poppler 0.1.1 (not an official CPE) Poppler Poppler 0.3.0 (not an official CPE) Poppler Poppler 0.1.2 (not an official CPE) Poppler Poppler 0.10.0 (not an official CPE) Poppler Poppler 0.10.1 (not an official CPE) Poppler Poppler 0.10.2 (not an official CPE) Poppler Poppler 0.10.3 (not an official CPE) Poppler Poppler 0.10.4 (not an official CPE) Poppler Poppler 0.10.5 (not an official CPE) Poppler Poppler 0.5.90 (not an official CPE) Poppler Poppler 0.5.91 (not an official CPE) Poppler Poppler 0.1 (not an official CPE) Poppler Poppler 0.9.3 (not an official CPE) Poppler Poppler 0.8.4 (not an official CPE) Poppler Poppler 0.8.5 (not an official CPE) Poppler Poppler 0.8.6 (not an official CPE) Poppler Poppler 0.5.9 (not an official CPE) Poppler Poppler 0.8.7 (not an official CPE) Poppler Poppler 0.4.0 (not an official CPE) Poppler Poppler 0.3.1 (not an official CPE) Poppler Poppler 0.5.0 (not an official CPE) Poppler Poppler 0.4.1 (not an official CPE) Poppler Poppler 0.3.2 (not an official CPE) Poppler Poppler 0.6.0 (not an official CPE) Poppler Poppler 0.5.1 (not an official CPE) Poppler Poppler 0.4.2 (not an official CPE) Poppler Poppler 0.3.3 (not an official CPE) Poppler Poppler 0.7.0 (not an official CPE) Poppler Poppler 0.6.1 (not an official CPE) Poppler Poppler 0.5.2 (not an official CPE) Poppler Poppler 0.4.3 (not an official CPE) Poppler Poppler 0.8.0 (not an official CPE)