Lucene search

K

PRIOn knowledge basePRION:CVE-2008-1693

HistoryApr 18, 2008 - 3:05 p.m.

Design/Logic Flaw

2008-04-1815:05:00

PRIOn knowledge base

www.prio-n.com

2

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.09 Low

EPSS

Percentile

94.4%

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.

CPENameOperatorVersion
popplereq0.3.2
popplereq0.4.0
popplereq0.7.1
popplereq0.6.1
popplereq0.3.1
popplereq0.5.2
popplereq0.5.91
popplereq0.6.0
popplereq0.3.3
popplereq0.4.2

Rows per page:

1-10 of 291

References

lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html

secunia.com/advisories/29816

secunia.com/advisories/29834

secunia.com/advisories/29836

secunia.com/advisories/29851

secunia.com/advisories/29853

secunia.com/advisories/29868

secunia.com/advisories/29869

secunia.com/advisories/29884

secunia.com/advisories/29885

secunia.com/advisories/30019

secunia.com/advisories/30033

secunia.com/advisories/30717

secunia.com/advisories/31035

security.gentoo.org/glsa/glsa-200804-18.xml

securitytracker.com/id?1019893

www.debian.org/security/2008/dsa-1548

www.debian.org/security/2008/dsa-1606

www.mandriva.com/security/advisories?name=MDVSA-2008:089

www.mandriva.com/security/advisories?name=MDVSA-2008:173

www.mandriva.com/security/advisories?name=MDVSA-2008:197

www.novell.com/linux/security/advisories/2008_13_sr.html

www.redhat.com/support/errata/RHSA-2008-0238.html

www.redhat.com/support/errata/RHSA-2008-0239.html

www.redhat.com/support/errata/RHSA-2008-0240.html

www.redhat.com/support/errata/RHSA-2008-0262.html

www.securityfocus.com/bid/28830

www.ubuntu.com/usn/usn-603-1

www.ubuntu.com/usn/usn-603-2

www.vupen.com/english/advisories/2008/1265/references

www.vupen.com/english/advisories/2008/1266/references

exchange.xforce.ibmcloud.com/vulnerabilities/41884

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226

www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.09 Low

EPSS

Percentile

94.4%

Related for PRION:CVE-2008-1693

osv2 oraclelinux4 nessus29 openvas37 centos4 redhat4 debian2 debiancve1 ubuntu2 seebug1 veracode1 cve1 gentoo1 securityvulns2 ubuntucve1 fedora1