Debian 5.0: DSA-2028-1 Moderate: Xpdf Remote Code Issues
debian
April 5, 2010
Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format (PDF) files
Topics Covered
Summary
Package : xpdf
Vulnerability : multiple
Problem type : local (remote)
Debian-specific: no
Debian bug : 551287
CVE ID : CVE-2009-1188 CVE-2009-3603 CVE-2009-3604 CVE-2009-3606
CVE-2009-3608 CVE-2009-3609
Several vulnerabilities have been identified in xpdf, a suite of tools for
viewing and converting Portable Document Format (PDF) files.
The Common Vulnerabilities and Exposures project identifies the following
problems:
CVE-2009-1188 and CVE-2009-3603
Integer overflow in SplashBitmap::SplashBitmap which might allow remote
attackers to execute arbitrary code or an application crash via a crafted
PDF document.
CVE-2009-3604
NULL pointer dereference or heap-based buffer overflow in
Splash::drawImage which might allow remote attackers to cause a denial
of service (application crash) or possibly execute arbitrary code via
a crafted PDF document.
CVE-2009-3606
Integer overflow in the PSOutputDev::doImageL1Sep which might allow
remote att...
PREVIOUS
NEXT
Package: xpdf
CVE ID: CVE-2009-1188 CVE-2009-3603 CVE-2009-3604 CVE-2009-3606
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!