4.3

CVE-2009-3609

Exploit

Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.

Data is provided by the National Vulnerability Database (NVD)
FoolabsXpdf Version3.02pl1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
FoolabsXpdf Version3.02pl2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
FoolabsXpdf Version3.02pl3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
GlyphandcogXpdfreader Version3.00
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
GlyphandcogXpdfreader Version3.01
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
GlyphandcogXpdfreader Version3.02
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version <= 0.12.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.1.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.1.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.2.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.3.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.3.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.3.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.3.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.4.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.4.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.4.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.4.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.4.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.9
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.6.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.6.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.6.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.6.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.6.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.7.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.7.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.7.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.7.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.6
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.7
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.9.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.9.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.9.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.9.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.5
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.6
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.7
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.11.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.11.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.11.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.11.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 5.3% 0.896
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
http://poppler.freedesktop.org/
Patch
Vendor Advisory