Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2009-11-02T15:00:00

Updated: 2024-08-07T06:31:10.587Z

Reserved: 2009-10-09T00:00:00

Link: CVE-2009-3605

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-11-02T15:30:00.483

Modified: 2024-11-21T01:07:47.103

Link: CVE-2009-3605

cve-icon Redhat

Severity : Moderate

Publid Date: 2009-05-19T00:00:00Z

Links: CVE-2009-3605 - Bugzilla