
CVE ID: CVE-2009-4035
Description: The FoFiType1::parse function in fofi/ in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow.
Test IDs:  
Cross References:
Common Vulnerability Exposure (CVE) ID: CVE-2009-4035
BugTraq ID: 37350
RedHat Security Advisories: RHSA-2009:1680
RedHat Security Advisories: RHSA-2009:1681
RedHat Security Advisories: RHSA-2009:1682
SuSE Security Announcement: SUSE-SR:2010:003
XForce ISS Database: xpdf-fofitype1parse-bo(54831)
