CVE-2009-0756

The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*

History

21 Nov 2024, 01:00

Type Values Removed Values Added
References () http://bugs.freedesktop.org/show_bug.cgi?id=19702 - Exploit () http://bugs.freedesktop.org/show_bug.cgi?id=19702 - Exploit
References () http://lists.freedesktop.org/archives/poppler/2009-January/004403.html - Exploit () http://lists.freedesktop.org/archives/poppler/2009-January/004403.html - Exploit
References () http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html - () http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html -
References () http://secunia.com/advisories/33853 - Vendor Advisory () http://secunia.com/advisories/33853 - Vendor Advisory
References () http://secunia.com/advisories/35685 - () http://secunia.com/advisories/35685 -
References () http://wiki.rpath.com/Advisories:rPSA-2009-0059 - () http://wiki.rpath.com/Advisories:rPSA-2009-0059 -
References () http://www.openwall.com/lists/oss-security/2009/02/13/1 - () http://www.openwall.com/lists/oss-security/2009/02/13/1 -
References () http://www.openwall.com/lists/oss-security/2009/02/19/2 - () http://www.openwall.com/lists/oss-security/2009/02/19/2 -
References () http://www.securityfocus.com/archive/1/502761/100/0/threaded - () http://www.securityfocus.com/archive/1/502761/100/0/threaded -
References () http://www.securityfocus.com/bid/33749 - () http://www.securityfocus.com/bid/33749 -

Information

Published : 2009-03-03 16:30

Updated : 2024-11-21 01:00


NVD link : CVE-2009-0756

Mitre link : CVE-2009-0756

CVE.ORG link : CVE-2009-0756


JSON object : View

Products Affected

poppler

  • poppler