Overview
Xpdf and poppler contain multiple vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Description
Xpdf is an open source viewer for Portable Document Format (PDF) files. Several PDF viewing applications and libraries, such as poppler, are based on the Xpdf code. Xpdf contains multiple vulnerabilities related to the handling of PDF files that contain JBIG2 data. The vulnerabilities include, but are not limited to, a buffer overflow, an integer overflow, a null pointer dereference, and an infinite loop. |
Impact
By convincing a user to open a malicious PDF file, an attacker may be able to execute code or cause a vulnerable PDF viewer to crash. The PDF could be emailed as an attachment or hosted on a website. |
Solution
Apply an update These issues are addressed in Xpdf 3.02-pl3 and poppler 0.10.6. Please check with your vendor for software updates. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 9 | AV:N/AC:M/Au:N/C:C/I:C/A:P |
| Temporal | 7 | E:POC/RL:OF/RC:C |
| Environmental | 7 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
References
- http://cgit.freedesktop.org/poppler/poppler/commit/?id=9f1312f3d7dfa7e536606a7c7296b7c876b11c00
- ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl3.patch
- http://www.ubuntu.com/usn/usn-759-1
- http://blackberry.com/btsc/KB17953
- http://rhn.redhat.com/errata/RHSA-2009-0429.html
- http://rhn.redhat.com/errata/RHSA-2009-0431.html
- http://www.mandriva.com/en/security/advisories?name=MDVSA-2009:101
- http://www.debian.org/security/2009/dsa-1790
- http://support.apple.com/kb/HT3549
- http://secunia.com/advisories/34291/
- http://www.securitytracker.com/alerts/2009/Apr/1022072.html
- http://www.securityfocus.com/bid/34568
- http://jvn.jp/cert/JVNVU196617/index.html
Acknowledgements
These vulnerabilities were reported by Will Dormann of the CERT/CC.
This document was written by Will Dormann.
Other Information
| CVE IDs: | CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188 |
| Severity Metric: | 5.01 |
| Date Public: | 2009-04-16 |
| Date First Published: | 2009-04-16 |
| Date Last Updated: | 2012-03-28 14:29 UTC |
| Document Revision: | 42 |