
CVE ID: CVE-2009-3604
Description: The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.
Test IDs: 1.3.6.1.4.1.25623.1.0.66140   1.3.6.1.4.1.25623.1.0.66015   1.3.6.1.4.1.25623.1.0.67264   1.3.6.1.4.1.25623.1.0.66092   1.3.6.1.4.1.25623.1.0.66017   1.3.6.1.4.1.25623.1.0.66014   1.3.6.1.4.1.25623.1.0.66943   1.3.6.1.4.1.25623.1.0.66013   1.3.6.1.4.1.25623.1.0.66012   1.3.6.1.4.1.25623.1.0.66945   1.3.6.1.4.1.25623.1.0.66139   1.3.6.1.4.1.25623.1.0.66938   1.3.6.1.4.1.25623.1.0.66094   1.3.6.1.4.1.25623.1.0.880909   1.3.6.1.4.1.25623.1.0.880700   1.3.6.1.4.1.25623.1.0.880912   1.3.6.1.4.1.25623.1.0.880906   1.3.6.1.4.1.25623.1.0.880758  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-3604
BugTraq ID: 36703
http://www.securityfocus.com/bid/36703
Debian Security Information: DSA-2028
http://www.debian.org/security/2010/dsa-2028
Debian Security Information: DSA-2050
http://www.debian.org/security/2010/dsa-2050
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:287
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
http://site.pi3.com.pl/adv/xpdf.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969
RedHat Security Advisories: RHSA-2009:1500
https://rhn.redhat.com/errata/RHSA-2009-1500.html
RedHat Security Advisories: RHSA-2009:1501
https://rhn.redhat.com/errata/RHSA-2009-1501.html
RedHat Security Advisories: RHSA-2009:1502
https://rhn.redhat.com/errata/RHSA-2009-1502.html
RedHat Security Advisories: RHSA-2009:1503
https://rhn.redhat.com/errata/RHSA-2009-1503.html
RedHat Security Advisories: RHSA-2009:1512
https://rhn.redhat.com/errata/RHSA-2009-1512.html
http://securitytracker.com/id?1023029
http://secunia.com/advisories/37023
http://secunia.com/advisories/37028
http://secunia.com/advisories/37037
http://secunia.com/advisories/37042
http://secunia.com/advisories/37043
http://secunia.com/advisories/37053
http://secunia.com/advisories/37077
http://secunia.com/advisories/37079
http://secunia.com/advisories/37114
http://secunia.com/advisories/37159
http://secunia.com/advisories/39327
http://secunia.com/advisories/39938
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
SuSE Security Announcement: SUSE-SR:2009:018
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
http://www.ubuntu.com/usn/USN-850-1
http://www.ubuntu.com/usn/USN-850-3
http://www.vupen.com/english/advisories/2009/2924
http://www.vupen.com/english/advisories/2009/2928
http://www.vupen.com/english/advisories/2010/0802
http://www.vupen.com/english/advisories/2010/1040
http://www.vupen.com/english/advisories/2010/1220
XForce ISS Database: xpdf-splashdrawimage-bo(53795)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53795