CVE-2009-3609

2009-10-21 19:30:00 2019-03-06 17:30:38

Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
Poppler Poppler 0.11.1 (not an official CPE) Poppler Poppler 0.11.0 (not an official CPE) Poppler Poppler 0.10.7 (not an official CPE) Poppler Poppler 0.10.6 (not an official CPE) Poppler Poppler 0.10.5 (not an official CPE) Poppler Poppler 0.10.4 (not an official CPE) Poppler Poppler 0.10.3 (not an official CPE) Poppler Poppler 0.10.2 (not an official CPE) Poppler Poppler 0.10.1 (not an official CPE) Poppler Poppler 0.10.0 (not an official CPE) Poppler Poppler 0.9.3 (not an official CPE) Poppler Poppler 0.9.2 (not an official CPE) Poppler Poppler 0.9.1 (not an official CPE) Poppler Poppler 0.9.0 (not an official CPE) Poppler Poppler 0.8.7 (not an official CPE) Poppler Poppler 0.8.6 (not an official CPE) Poppler Poppler 0.8.4 (not an official CPE) Poppler Poppler 0.8.3 (not an official CPE) Poppler Poppler 0.8.2 (not an official CPE) Poppler Poppler 0.8.1 (not an official CPE) Poppler Poppler 0.8.0 (not an official CPE) Poppler Poppler 0.7.3 (not an official CPE) Poppler Poppler 0.7.2 (not an official CPE) Poppler Poppler 0.7.1 (not an official CPE) Poppler Poppler 0.7.0 (not an official CPE) Poppler Poppler 0.6.4 (not an official CPE) Poppler Poppler 0.6.3 (not an official CPE) Poppler Poppler 0.6.2 (not an official CPE) Poppler Poppler 0.6.1 (not an official CPE) Poppler Poppler 0.6.0 (not an official CPE) Poppler Poppler 0.5.9 (not an official CPE) Poppler Poppler 0.5.4 (not an official CPE) Poppler Poppler 0.5.3 (not an official CPE) Poppler Poppler 0.5.2 (not an official CPE) Poppler Poppler 0.5.1 (not an official CPE) Poppler Poppler 0.5.0 (not an official CPE) Poppler Poppler 0.4.4 (not an official CPE) Poppler Poppler 0.4.3 (not an official CPE) Poppler Poppler 0.4.2 (not an official CPE) Poppler Poppler 0.4.1 (not an official CPE) Poppler Poppler 0.4.0 (not an official CPE) Poppler Poppler 0.3.3 (not an official CPE) Poppler Poppler 0.3.2 (not an official CPE) Poppler Poppler 0.3.1 (not an official CPE) Poppler Poppler 0.3.0 (not an official CPE) Poppler Poppler 0.2.0 (not an official CPE) Poppler Poppler 0.1.2 (not an official CPE) Poppler Poppler 0.1.1 (not an official CPE) Poppler Poppler 0.1 (not an official CPE) Glyphandcog Xpdfreader 3.02 (not an official CPE) Glyphandcog Xpdfreader 3.01 (not an official CPE) Glyphandcog Xpdfreader 3.00 (not an official CPE) Foolabs Xpdf 3.02pl3 (not an official CPE) Foolabs Xpdf 3.02pl2 (not an official CPE) Foolabs Xpdf 3.02pl1 (not an official CPE) Poppler Poppler 0.11.2 (not an official CPE) Poppler Poppler 0.11.3 (not an official CPE) Poppler Poppler 0.12.0 (not an official CPE)