9.3

CVE-2009-3608

Exploit

Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FoolabsXpdf Version3.02pl1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
FoolabsXpdf Version3.02pl2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
FoolabsXpdf Version3.02pl3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
GlyphandcogXpdfreader Version3.00
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
GlyphandcogXpdfreader Version3.01
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
GlyphandcogXpdfreader Version3.02
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version <= 0.12.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.1.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.1.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.2.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.3.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.3.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.3.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.3.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.4.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.4.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.4.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.4.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.4.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.5.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.5.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.5.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.5.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.5.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.5.9
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.6.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.6.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.6.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.6.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.6.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.7.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.7.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.7.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.7.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.8.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.8.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.8.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.8.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.8.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.8.6
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.8.7
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.9.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.9.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.9.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.9.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.10.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.10.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.10.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.10.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.10.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.10.5
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.10.6
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.10.7
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.11.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.11.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.11.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
PopplerPoppler Version0.11.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
   TetexTetex
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.22% 0.899
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
http://poppler.freedesktop.org/
Patch
Vendor Advisory