Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-3938

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2009-3938
Last Modified 18 Jan 2012 10:42:32
Published 13 Nov 2009 11:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-3938

Summary

Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file.

Vulnerable Systems

Application

  • Poppler 0.10.6

  • Poppler 0.12.0


References

MISC - http://bugs.freedesktop.org/attachment.cgi?id=30599&action=edit

XF - poppler-abwoutputdev-bo(54215)

VUPEN - ADV-2009-3227

BID - 36976

DEBIAN - DSA-1941

SECUNIA - 37333

CONFIRM - http://bugs.freedesktop.org/show_bug.cgi?id=23074

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680

MANDRIVA - MDVSA-2011:175


Last Updated: 27 May 2016 10:57:20