CVE-2009-4035

2009-12-2121:30:00

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

High

EPSS

0.006

Percentile

79.1%

JSON

The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow.

Affected configurations

Nvd

Node

gnomegpdfMatch2.8.2

kdekdegraphicsMatch3.3.1

kdekpdfMatch3.3.1

xpdfxpdfMatch3.0.0

VendorProductVersionCPE
gnomegpdf2.8.2cpe:2.3:a:gnome:gpdf:2.8.2:*:*:*:*:*:*:*
kdekdegraphics3.3.1cpe:2.3:a:kde:kdegraphics:3.3.1:*:*:*:*:*:*:*
kdekpdf3.3.1cpe:2.3:a:kde:kpdf:3.3.1:*:*:*:*:*:*:*
xpdfxpdf3.0.0cpe:2.3:a:xpdf:xpdf:3.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gnome	gpdf	2.8.2	cpe:2.3:a:gnome:gpdf:2.8.2:::::::*
kde	kdegraphics	3.3.1	cpe:2.3:a:kde:kdegraphics:3.3.1:::::::*
kde	kpdf	3.3.1	cpe:2.3:a:kde:kpdf:3.3.1:::::::*
xpdf	xpdf	3.0.0	cpe:2.3:a:xpdf:xpdf:3.0.0:::::::*