Integer Overflow Vulnerability in Xpdf and Poppler Products
CVE-2009-3603

Currently unrated

Key Information:

Vendor

Poppler

Status
Poppler
XPDF
XPDFreader
Vendor
CVE Published:
21 October 2009

What is CVE-2009-3603?

An integer overflow exists in the SplashBitmap::SplashBitmap function within Xpdf versions prior to 3.02pl4 and Poppler versions earlier than 0.12.1. This vulnerability can be exploited by remote attackers through the use of specially crafted PDF documents, leading to a potential heap-based buffer overflow. The root of the issue is attributed to an incomplete fix related to previous vulnerabilities, allowing unintended code execution.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/39938
third-party-advisoryx_refsource_SECUNIA
https://rhn.redhat.com/errata/RHSA-2009-1504.html
vendor-advisoryx_refsource_REDHAT
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch
x_refsource_CONFIRM

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.