The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.
References
Link Providers
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch cve-icon cve-icon
http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2 cve-icon cve-icon
http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2 cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html cve-icon cve-icon
http://secunia.com/advisories/37023 cve-icon cve-icon
http://secunia.com/advisories/37028 cve-icon cve-icon
http://secunia.com/advisories/37037 cve-icon cve-icon
http://secunia.com/advisories/37042 cve-icon cve-icon
http://secunia.com/advisories/37043 cve-icon cve-icon
http://secunia.com/advisories/37053 cve-icon cve-icon
http://secunia.com/advisories/37077 cve-icon cve-icon
http://secunia.com/advisories/37079 cve-icon cve-icon
http://secunia.com/advisories/37114 cve-icon cve-icon
http://secunia.com/advisories/37159 cve-icon cve-icon
http://secunia.com/advisories/39327 cve-icon cve-icon
http://secunia.com/advisories/39938 cve-icon cve-icon
http://securitytracker.com/id?1023029 cve-icon cve-icon
http://site.pi3.com.pl/adv/xpdf.txt cve-icon cve-icon
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1 cve-icon cve-icon
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1 cve-icon cve-icon
http://www.debian.org/security/2010/dsa-2028 cve-icon cve-icon
http://www.debian.org/security/2010/dsa-2050 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2009:287 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 cve-icon cve-icon
http://www.securityfocus.com/bid/36703 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-850-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-850-3 cve-icon cve-icon
http://www.vupen.com/english/advisories/2009/2924 cve-icon cve-icon
http://www.vupen.com/english/advisories/2009/2928 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/0802 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/1040 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/1220 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=526911 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/53795 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2009-3604 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969 cve-icon cve-icon
https://rhn.redhat.com/errata/RHSA-2009-1500.html cve-icon cve-icon
https://rhn.redhat.com/errata/RHSA-2009-1501.html cve-icon cve-icon
https://rhn.redhat.com/errata/RHSA-2009-1502.html cve-icon cve-icon
https://rhn.redhat.com/errata/RHSA-2009-1503.html cve-icon cve-icon
https://rhn.redhat.com/errata/RHSA-2009-1512.html cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2009-3604 cve-icon
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html cve-icon cve-icon
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2009-10-21T17:00:00

Updated: 2024-08-07T06:31:10.557Z

Reserved: 2009-10-09T00:00:00

Link: CVE-2009-3604

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-10-21T17:30:00.313

Modified: 2024-11-21T01:07:46.920

Link: CVE-2009-3604

cve-icon Redhat

Severity : Important

Publid Date: 2009-10-14T00:00:00Z

Links: CVE-2009-3604 - Bugzilla