CVE-2009-3606

NONECVSS 0.0

0.0

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

🔗 References (84)

secalert@redhatftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch
secalert@redhathttp://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
secalert@redhathttp://secunia.com/advisories/37023
secalert@redhathttp://secunia.com/advisories/37037
secalert@redhathttp://secunia.com/advisories/37042
secalert@redhathttp://secunia.com/advisories/37043
secalert@redhathttp://secunia.com/advisories/37053
secalert@redhathttp://secunia.com/advisories/37077
secalert@redhathttp://secunia.com/advisories/37159
secalert@redhathttp://secunia.com/advisories/39327
secalert@redhathttp://secunia.com/advisories/39938

Is Your Infrastructure Affected by CVE-2009-3606?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-3606

📅 Published

🔄 Last Modified

🔗 References (84)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-3606?