Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2009-11-02T15:00:00
Updated: 2024-08-07T06:31:10.587Z
Reserved: 2009-10-09T00:00:00
Link: CVE-2009-3605
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-11-02T15:30:00.483
Modified: 2024-11-21T01:07:47.103
Link: CVE-2009-3605
Redhat