Jump to content

Advisories MDVSA-2010:055: poppler

paul

By paul
in Mandriva Security Advisories

 Share

Recommended Posts

paul Platinum

paul

Posted
Posted

An out-of-bounds reading flaw in the JBIG2 decoder allows remote

attackers to cause a denial of service (crash) via a crafted PDF file

(CVE-2009-0799).

 

Multiple input validation flaws in the JBIG2 decoder allows

remote attackers to execute arbitrary code via a crafted PDF file

(CVE-2009-0800).

 

An integer overflow in the JBIG2 decoder allows remote attackers to

execute arbitrary code via a crafted PDF file (CVE-2009-1179).

 

A free of invalid data flaw in the JBIG2 decoder allows remote

attackers to execute arbitrary code via a crafted PDF (CVE-2009-1180).

 

A NULL pointer dereference flaw in the JBIG2 decoder allows remote

attackers to cause denial of service (crash) via a crafted PDF file

(CVE-2009-1181).

 

Multiple buffer overflows in the JBIG2 MMR decoder allows remote

attackers to cause denial of service or to execute arbitrary code

via a crafted PDF file (CVE-2009-1182, CVE-2009-1183).

 

An integer overflow in the JBIG2 decoding feature allows remote

attackers to cause a denial of service (crash) and possibly execute

arbitrary code via vectors related to CairoOutputDev (CVE-2009-1187).

 

An integer overflow in the JBIG2 decoding feature allows remote

attackers to execute arbitrary code or cause a denial of service

(application crash) via a crafted PDF document (CVE-2009-1188).

 

Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x

before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers

to execute arbitrary code via a crafted PDF document that triggers a

heap-based buffer overflow. NOTE: some of these details are obtained

from third party information. NOTE: this issue reportedly exists

because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).

 

The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x

before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF,

does not properly allocate memory, which allows remote attackers to

cause a denial of service (application crash) or possibly execute

arbitrary code via a crafted PDF document that triggers a NULL pointer

dereference or a heap-based buffer overflow (CVE-2009-3604).

 

Multiple integer overflows allow remote attackers to cause a denial

of service (application crash) or possibly execute arbitrary code

via a crafted PDF file, related to (1) glib/poppler-page.cc; (2)

ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5)

JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc

in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10)

SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791

(CVE-2009-3605).

 

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf

before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might

allow remote attackers to execute arbitrary code via a crafted PDF

document that triggers a heap-based buffer overflow (CVE-2009-3606).

 

Integer overflow in the create_surface_from_thumbnail_data function

in glib/poppler-page.cc allows remote attackers to cause a denial of

service (memory corruption) or possibly execute arbitrary code via a

crafted PDF document that triggers a heap-based buffer overflow. NOTE:

some of these details are obtained from third party information

(CVE-2009-3607).

 

Integer overflow in the ObjectStream::ObjectStream function in XRef.cc

in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in

GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote

attackers to execute arbitrary code via a crafted PDF document that

triggers a heap-based buffer overflow (CVE-2009-3608).

 

Integer overflow in the ImageStream::ImageStream function in Stream.cc

in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf,

kdegraphics KPDF, and CUPS pdftops, allows remote attackers to

cause a denial of service (application crash) via a crafted PDF

document that triggers a NULL pointer dereference or buffer over-read

(CVE-2009-3609).

 

Buffer overflow in the ABWOutputDev::endWord function in

poppler/ABWOutputDev.cc as used by the Abiword pdftoabw utility,

allows user-assisted remote attackers to cause a denial of service and

possibly execute arbitrary code via a crafted PDF file (CVE-2009-3938).

This update provides fixes for that vulnerabilities.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...