Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-3608

Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

Related bugs and status

CVE-2009-3608 (Candidate) is related to these bugs:

Bug #556483: Merge xpdf 3.02-2 from Debian Unstable

Summary				In	Importance	Status
	556483	Merge xpdf 3.02-2 from Debian Unstable		xpdf (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.ocert.org/a...
MISC: http://sunsolve.sun.co...
MISC: http://securitytracker...
MISC: http://sunsolve.sun.co...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.debian.org/...
MISC: http://www.debian.org/...
MISC: http://www.debian.org/...
MISC: https://www.redhat.com...
MISC: https://www.redhat.com...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://www.mandriva.co...
MISC: http://www.mandriva.co...
MISC: http://www.mandriva.co...
MISC: https://bugzilla.redha...
MISC: https://rhn.redhat.com...
MISC: https://rhn.redhat.com...
MISC: https://rhn.redhat.com...
MISC: https://rhn.redhat.com...
MISC: https://rhn.redhat.com...
MISC: https://rhn.redhat.com...
MISC: http://lists.opensuse....
MISC: http://www.ubuntu.com/...
MISC: http://www.ubuntu.com/...
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: ftp://ftp.foolabs.com/...
MISC: http://poppler.freedes...
MISC: https://oval.cisecurit...
MISC: https://exchange.xforc...