Lucene search
RootSSV:3570HistoryJul 08, 2008 - 12:00 a.m.
Poppler PDF渲染库页类远程代码执行漏洞
2008-07-0800:00:00
Root
www.seebug.org
9
0.405 Medium
EPSS
Percentile
96.9%
BUGTRAQ ID: 30107
CVE ID:CVE-2008-2950
CNCVE ID:CNCVE-20082950
Poppler是一款PDF渲染库。
Poppler PDF渲染库存在一个内存管理错误,远程攻击者可以利用漏洞以应用程序权限执行任意代码。
漏洞存在于页类构造/解构中,在特定条件下pageWidgets对象在页构造中不正确初始化,并在之后解构过程中没有检查是否初始化而直接删除,特殊构建的PDF文件可导致分配任意内存而触发此漏洞。可能导致以应用程序权限执行任意代码。
poppler 0.8.4
升级到最新版本:
<a href=“http://poppler.freedesktop.org/” target=“_blank”>http://poppler.freedesktop.org/</a>
Related
nessus
nessus
Mandriva Linux Security Advisory : poppler (MDVSA-2008:146)
2009-04-23 00:00:00
Fedora 8 : poppler-0.6.2-2.fc8 (2008-7104)
2008-08-08 00:00:00
openSUSE Security Update : libpoppler-devel (libpoppler-devel-77)
2009-07-21 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: poppler-0.8.1-2.fc9
2008-09-11 17:07:33
[SECURITY] Fedora 8 Update: poppler-0.6.2-2.fc8
2008-08-07 23:57:57
[SECURITY] Fedora 9 Update: poppler-0.8.7-2.fc9
2009-06-27 02:49:30
securityvulns
securityvulns
libpoppler library uninitialized pointer
2008-07-10 00:00:00
[Full-disclosure] #2008-007 libpoppler uninitialized pointer - POC
2008-07-10 00:00:00
[oCERT-2008-007] libpoppler uninitialized pointer
2008-07-09 00:00:00
ubuntucve
ubuntucve
CVE-2008-2950
2008-07-07 00:00:00
prion
prion
Code injection
2008-07-07 23:41:00
openvas
openvas
Fedora Update for poppler FEDORA-2008-7104
2009-02-17 00:00:00
Gentoo Security Advisory GLSA 200807-04 (poppler)
2008-09-24 00:00:00
Mandriva Update for poppler MDVSA-2008:146 (poppler)
2009-04-09 00:00:00
freebsd
freebsd
poppler -- uninitialized pointer
2008-07-07 00:00:00
packetstorm
packetstorm
poppler-poc.txt
2008-07-10 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package poppler5 version July
2008-07-29 00:00:00
cve
cve
CVE-2008-2950
2008-07-07 23:41:00
gentoo
gentoo
Poppler: User-assisted execution of arbitrary code
2008-07-08 00:00:00
ubuntu
ubuntu
poppler vulnerability
2008-07-28 00:00:00
debiancve
debiancve
CVE-2008-2950
2008-07-07 23:41:00