CVE-2009-3603

NONECVSS 0.0

0.0

Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.

🔗 References (70)

secalert@redhatftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
secalert@redhathttp://poppler.freedesktop.org/
secalert@redhathttp://secunia.com/advisories/37034
secalert@redhathttp://secunia.com/advisories/37053
secalert@redhathttp://secunia.com/advisories/37054
secalert@redhathttp://secunia.com/advisories/37114
secalert@redhathttp://secunia.com/advisories/37159
secalert@redhathttp://secunia.com/advisories/39327
secalert@redhathttp://secunia.com/advisories/39938
secalert@redhathttp://securitytracker.com/id?1023029
secalert@redhathttp://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1

Is Your Infrastructure Affected by CVE-2009-3603?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-3603

📅 Published

🔄 Last Modified

🔗 References (70)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-3603?