Integer Overflow Vulnerability in Poppler PDF Rendering Library
CVE-2009-3607

Currently unrated

Key Information:

Vendor

Poppler

Status
Poppler
Vendor
CVE Published:
21 October 2009

What is CVE-2009-3607?

The Poppler PDF rendering library contains an integer overflow vulnerability in the create_surface_from_thumbnail_data function. This flaw can be exploited by remote attackers to induce a denial of service through memory corruption or potentially allow arbitrary code execution by crafting a malicious PDF document, which triggers a heap-based buffer overflow during the processing of thumbnail data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.debian.org/security/2009/dsa-1941
vendor-advisoryx_refsource_DEBIAN
http://www.openwall.com/lists/oss-security/2009/12/01/6
mailing-listx_refsource_MLIST
https://www.redhat.com/archives/fedora-package-announce/2...
vendor-advisoryx_refsource_FEDORA

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.