Lucene search
GoogleOSV:DSA-2028-1HistoryApr 05, 2010 - 12:00 a.m.
xpdf - several vulnerabilities
2010-04-0500:00:00
Google
osv.dev
10
0.39 Low
EPSS
Percentile
97.3%
Several vulnerabilities have been identified in xpdf, a suite of tools for
viewing and converting Portable Document Format (PDF) files.
The Common Vulnerabilities and Exposures project identifies the following
problems:
- CVE-2009-1188 and CVE-2009-3603
Integer overflow in SplashBitmap::SplashBitmap which might allow remote
attackers to execute arbitrary code or an application crash via a crafted
PDF document. - CVE-2009-3604
NULL pointer dereference or heap-based buffer overflow in
Splash::drawImage which might allow remote attackers to cause a denial
of service (application crash) or possibly execute arbitrary code via
a crafted PDF document. - CVE-2009-3606
Integer overflow in the PSOutputDev::doImageL1Sep which might allow
remote attackers to execute arbitrary code via a crafted PDF document. - CVE-2009-3608
Integer overflow in the ObjectStream::ObjectStream which might allow
remote attackers to execute arbitrary code via a crafted PDF document. - CVE-2009-3609
Integer overflow in the ImageStream::ImageStream which might allow
remote attackers to cause a denial of service via a crafted PDF
document.
For the stable distribution (lenny), this problem has been fixed in
version 3.02-1.4+lenny2.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 3.02-2.
| CPE | Name | Operator | Version |
|---|---|---|---|
| xpdf | eq | 3.02-1.4 | |
| xpdf | eq | 3.02-1.4+lenny1 |
References
Related
nessus
nessus
Fedora 12 : pdfedit-0.4.3-4.fc12 (2010-1377)
2010-07-01 00:00:00
Debian DSA-2050-1 : kdegraphics - several vulnerabilities
2010-05-25 00:00:00
Debian DSA-2028-1 : xpdf - multiple vulnerabilities
2010-04-06 00:00:00
openvas
openvas
Mandriva Security Advisory MDVSA-2009:287-1 (xpdf)
2009-12-10 00:00:00
FreeBSD Ports: xpdf
2009-10-27 00:00:00
Debian: Security Advisory (DSA-2050-1)
2010-06-03 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: pdfedit-0.4.3-4.fc11
2010-02-20 00:24:10
[SECURITY] Fedora 12 Update: pdfedit-0.4.3-4.fc12
2010-02-20 00:25:46
[SECURITY] Fedora 13 Update: pdfedit-0.4.3-4.fc13
2010-02-20 00:11:55
debian
debian
[SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities
2010-04-05 15:23:30
[SECURITY] [DSA 2050-1] New kdegraphics packages fix several vulnerabilities
2010-05-24 15:38:34
osv
osv
kdegraphics - several vulnerabilities
2010-05-24 00:00:00
securityvulns
securityvulns
CUPS / poppler / xpdf / Adobe Reader multipls security vulnerabilities
2009-10-28 00:00:00
[USN-850-1] poppler vulnerabilities
2009-10-22 00:00:00
[oCERT-2009-016] Poppler, xpdf integer overflow during heap allocation
2009-10-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package xpdf version 3.02-alt7
2009-11-15 00:00:00
Security fix for the ALT Linux 5 package kdegraphics version 3.5.10-alt3
2009-10-19 00:00:00
oraclelinux
oraclelinux
xpdf security update
2009-10-15 00:00:00
poppler security and bug fix update
2009-10-15 00:00:00
kdegraphics security update
2009-10-15 00:00:00
redhat
redhat
(RHSA-2009:1501) Important: xpdf security update
2009-10-15 00:00:00
(RHSA-2009:1502) Important: kdegraphics security update
2009-10-15 00:00:00
(RHSA-2009:1503) Important: gpdf security update
2009-10-15 00:00:00
centos
centos
xpdf security update
2009-10-16 13:29:40
kdegraphics security update
2009-10-30 14:43:50
poppler security update
2009-10-30 14:43:58
ubuntu
ubuntu
poppler vulnerabilities
2009-11-02 00:00:00
poppler vulnerabilities
2009-10-21 00:00:00
cve
cve
debiancve
debiancve
nvd
nvd
ubuntucve
ubuntucve
CVE-2009-3603
2009-10-21 00:00:00
prion
prion
Integer overflow
2009-10-21 17:30:00
Heap overflow
2009-10-21 17:30:00
cvelist
cvelist
veracode
veracode
Buffer Overflow
2020-04-10 00:39:35