Integer Overflow Vulnerability in PDF Decoding for Xpdf and Poppler
CVE-2009-1188

Currently unrated

Key Information:

Vendor

Poppler

Status
Poppler
Vendor
CVE Published:
23 April 2009

What is CVE-2009-1188?

An integer overflow fault exists in the JBIG2 decoding feature within the SplashBitmap::SplashBitmap function found in the SplashBitmap.cc file, affecting Xpdf versions before 3.02pl4 and Poppler versions prior to 0.10.6. This security flaw can be exploited by remote attackers through specially crafted PDF files, leading to the execution of arbitrary code or causing an application crash, which results in a denial of service.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/39938
third-party-advisoryx_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/37028
third-party-advisoryx_refsource_SECUNIA

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.