Showing 1 - 4 of 4

CVE-2008-2950

Status Candidate

Overview

The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.

Related Files

Ubuntu Security Notice 631-1: Posted Jul 29, 2008; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 631-1 - Felipe Andres Manzano discovered that poppler did not correctly initialize certain page widgets. If a user were tricked into viewing a malicious PDF file, a remote attacker could exploit this to crash applications linked against poppler, leading to a denial of service.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2008-2950; SHA-256 | 0ec6910ad5d0a13b21e10a3f4952dc7ea960a60f14e0dac4f134e1fc3d94e805; Download | Favorite | View

Mandriva Linux Security Advisory 2008-146: Posted Jul 16, 2008; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A memory management issue was found in libpoppler by Felipe Andres Manzano that could allow for the execution of arbitrary code with the privileges of the user running a poppler-based application, if they opened a specially crafted PDF file. The updated packages have been patched to correct this issue.; tags | advisory, arbitrary; systems | linux, mandriva; advisories | CVE-2008-2950; SHA-256 | 411aacd9fb69d58366d38e486720a5ae91a43dfafe9d392cce5d436502257020; Download | Favorite | View

Gentoo Linux Security Advisory 200807-4: Posted Jul 10, 2008; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200807-04 - Felipe Andres Manzano reported a memory management issue in the Page class constructor/destructor. Versions less than 0.6.3-r1 are affected.; tags | advisory; systems | linux, gentoo; advisories | CVE-2008-2950; SHA-256 | 6e0c208b00eff0d9200e67ccf52aa52107b3fb1343e0d2f129c46f14c69434d3; Download | Favorite | View

Open Source CERT Security Advisory 2008.7: Posted Jul 10, 2008; Authored by Andrea Barisani, Open Source CERT | Site ocert.org; The Poppler PDF rendering library versions 0.8.4 and below suffers from a memory management bug which can allows for arbitrary code execution.; tags | advisory, arbitrary, code execution; advisories | CVE-2008-2950; SHA-256 | 0f357fc416cd3be3d0207302a38ee42eb9121ef982844b3425f2e54b4376193c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2008-2950

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems