Vulnerability & Exploit Database

Displaying entries 1 - 10 of 12 in total

Results for: CVE-2009-3606 Back to search

SUSE Linux Security Advisory: SUSE-SR:2009:018 Vulnerability

  • Severity: 9
  • Published: October 21, 2009

Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

SUSE Linux Security Vulnerability: CVE-2009-3606 Vulnerability

  • Severity: 9
  • Published: October 21, 2009

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

RHSA-2009:1502: kdegraphics security update Vulnerability

  • Severity: 9
  • Published: October 21, 2009

The kdegraphics packages contain applications for the K DesktopEnvironment, including KPDF, a viewer for Portable Document Format (PDF)files.Multiple integer overflow flaws were found in KPDF. An attacker couldcreate a malicious PDF file that would cause KPDF to crash or, potentially,execute arbitrary code when opened. (CVE-2009-0791, CV...

RHSA-2009:1501: xpdf security update Vulnerability

  • Severity: 9
  • Published: October 21, 2009

Xpdf is an X Window System based viewer for Portable Document Format (PDF)files.Multiple integer overflow flaws were found in Xpdf. An attacker couldcreate a malicious PDF file that would cause Xpdf to crash or, potentially,execute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-...

RHSA-2009:1500: xpdf security update Vulnerability

  • Severity: 9
  • Published: October 21, 2009

An updated xpdf package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team.

Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. Multiple integer overflow flaws were...

RHSA-2009:0480: poppler security update Vulnerability

  • Severity: 9
  • Published: October 21, 2009

Poppler is a Portable Document Format (PDF) rendering library, used byapplications such as Evince.Multiple integer overflow flaws were found in poppler. An attacker couldcreate a malicious PDF file that would cause applications that use poppler(such as Evince) to crash or, potentially, execute arbitrary code whenopened. (CVE-2009-0147, C...

RHSA-2009:0458: gpdf security update Vulnerability

  • Severity: 9
  • Published: October 21, 2009

GPdf is a viewer for Portable Document Format (PDF) files.Multiple integer overflow flaws were found in GPdf's JBIG2 decoder. Anattacker could create a malicious PDF file that would cause GPdf to crashor, potentially, execute arbitrary code when opened. (CVE-2009-0147,CVE-2009-1179)Multiple buffer overflow flaws were found in GPdf's JBIG...

Gentoo Linux: CVE-2009-3606: Poppler: Multiple vulnerabilities Vulnerability

  • Severity: 9
  • Published: October 21, 2009

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

Cent OS: CVE-2009-3606: CESA-2009:1502 (kdegraphics) Vulnerability

  • Severity: 9
  • Published: October 21, 2009

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

USN-973-1: KOffice vulnerabilities Vulnerability

  • Severity: 10
  • Published: April 23, 2009

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."