UBUNTU-CVE-2009-3603

Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party...

xpdf/poppler: SplashBitmap:: SplashBitmap integer overflow

Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party...

xpdf/poppler: SplashBitmap integer overflow

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service application crash...

xpdf/poppler: Splash:: drawImage integer overflow and missing allocation return value check

The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted P...

CVE-2009-1188

CVE-2009-1188 involves an integer overflow in the JBIG2 decoding path of the SplashBitmap feature. Affected software: Xpdf 3.x (before 3.02pl4) and Poppler (before 0.10.6), used by GPdf and kdegraphics KPDF. Root cause: integer overflow in JBIG2 decoding that can be triggered by a crafted PDF, le...