exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2009-3604

Status Candidate

Overview

The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.

Related Files

Gentoo Linux Security Advisory 201310-03
Posted Oct 7, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201310-3 - Multiple vulnerabilities have been found in Poppler, some of which may allow execution of arbitrary code. Versions less than 0.22.2-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188, CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3607, CVE-2009-3608, CVE-2009-3609, CVE-2009-3938, CVE-2010-3702, CVE-2010-3703, CVE-2010-3704, CVE-2010-4653, CVE-2010-4654, CVE-2012-2142
SHA-256 | 16eefcedc1f920563836019127836503bea995cfd0361da741d9651c6c38a920
Mandriva Linux Security Advisory 2011-175
Posted Nov 16, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-175 - Multiple security vulnerabilities has been discovered and corrected in poppler. An out-of-bounds reading flaw in the JBIG2 decoder allows remote attackers to cause a denial of service via a crafted PDF file. Multiple input validation flaws in the JBIG2 decoder allows remote attackers to execute arbitrary code via a crafted PDF file. An integer overflow in the JBIG2 decoder allows remote attackers to execute arbitrary code via a crafted PDF file. Multiple other vulnerabilities have been addressed as well. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183, CVE-2009-1188, CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3607, CVE-2009-3608, CVE-2009-3609, CVE-2009-3938
SHA-256 | 277a0876547aa48a2da60db5935554f4108da58a7024458c326a8a0ae4c37a2e
Debian Linux Security Advisory 2050-1
Posted May 25, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2050-1 - Several local vulnerabilities have been discovered in KPDF, a PDF viewer for KDE, which allow the execution of arbitrary code or denial of service if a user is tricked into opening a crafted PDF document.

tags | advisory, denial of service, arbitrary, local, vulnerability
systems | linux, debian
advisories | CVE-2009-1188, CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609
SHA-256 | 8644bd02ce6a14e6ad5b57a5ac9357645edd45cf845f315851d8662a0585d241
Mandriva Linux Security Advisory 2010-087
Posted Apr 30, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-087 - Multiple buffer overflow vulnerabilities have been found and corrected in poppler. The updated poppler packages have upgraded to 0.5.4 and have been patched to correct these issues.

tags | advisory, overflow, vulnerability
systems | linux, mandriva
advisories | CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188, CVE-2009-3604, CVE-2009-3606, CVE-2009-3603
SHA-256 | 4168f306577bc79b87d31896306a31d170c85717df5212b9d33cbb3aa67282ad
Debian Linux Security Advisory 2028-1
Posted Apr 6, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2028-1 - Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format (PDF) files.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-1188, CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609
SHA-256 | 6844de5c8708330205f555a5bd87175685c6a4097b829e30b8a856f02481856b
Mandriva Linux Security Advisory 2010-055
Posted Mar 6, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-055 - Denial of service, buffer overflows, integer overflows and other issues have been addressed in Poppler.

tags | advisory, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183, CVE-2009-1188, CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3607, CVE-2009-3608, CVE-2009-3609, CVE-2009-3938
SHA-256 | c1f39ccb7ae4691e51e96d2b4dda262462f9738eabe92c6b916c22a54e98557d
Mandriva Linux Security Advisory 2009-287
Posted Dec 4, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-287 - Multiple vulnerabilities have been found and corrected in xpdf.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609
SHA-256 | b7df1aa36ed4c7cf25a57942409eb64263e9e0ae6b9559c1f0ed8dd9d8b1cfad
Ubuntu Security Notice 850-3
Posted Nov 3, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 850-3 - USN-850-1 fixed vulnerabilities in poppler. This update provides the corresponding updates for Ubuntu 9.10. Original advisory details: It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-3603, CVE-2009-3604, CVE-2009-3607, CVE-2009-3608, CVE-2009-3609
SHA-256 | 63c3ccfbae71b61e42605e0cd81a7cff6e1cf05926b86d413a70fe812affcec3
Mandriva Linux Security Advisory 2009-287
Posted Oct 23, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-287 - Integer overflows and memory allocation issues that could result in a denial of service or code execution via xpdf have been resolved.

tags | advisory, denial of service, overflow, code execution
systems | linux, mandriva
advisories | CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609
SHA-256 | 80c75bcffe938ef51c3cc7bd64b8ca3f8e8d9e264e1804fcd8c23a453cc6e0ff
Ubuntu Security Notice 850-1
Posted Oct 21, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 850-1 - It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0755, CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3607, CVE-2009-3608, CVE-2009-3609
SHA-256 | 2f82b6f88a4cf4427aa354e47da6d119543a06f31b58f73dfeef3c7d9b2a663b
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close