4.3

CVE-2009-3609

Exploit
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FoolabsXpdf Version3.02pl1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
FoolabsXpdf Version3.02pl2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
FoolabsXpdf Version3.02pl3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
GlyphandcogXpdfreader Version3.00
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
GlyphandcogXpdfreader Version3.01
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
GlyphandcogXpdfreader Version3.02
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version <= 0.12.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.1.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.1.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.2.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.3.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.3.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.3.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.3.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.4.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.4.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.4.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.4.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.4.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.5.9
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.6.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.6.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.6.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.6.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.6.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.7.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.7.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.7.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.7.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.6
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.8.7
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.9.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.9.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.9.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.9.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.4
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.5
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.6
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.10.7
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.11.0
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.11.1
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.11.2
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
PopplerPoppler Version0.11.3
   Glyph And CogPdftops
   GnomeGpdf
   KdeKpdf
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.62% 0.899
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
http://poppler.freedesktop.org/
Patch
Vendor Advisory