This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Poppler First view 2005-12-31
Product Poppler Last view 2009-11-02
Version 0.4.2 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:poppler:poppler

Activity : Overall

Related : CVE

  Date Alert Description
6.8 2009-11-02 CVE-2009-3605

Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.

4.3 2009-10-21 CVE-2009-3609

Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.

9.3 2009-10-21 CVE-2009-3608

Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

9.3 2009-10-21 CVE-2009-3607

Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

9.3 2009-10-21 CVE-2009-3606

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

9.3 2009-10-21 CVE-2009-3604

The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.

9.3 2009-10-21 CVE-2009-3603

Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.

5 2009-04-23 CVE-2009-1188

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

5 2009-04-23 CVE-2009-1187

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).

4.3 2009-04-23 CVE-2009-1183

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.

7.5 2009-04-23 CVE-2009-1182

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

4.3 2009-04-23 CVE-2009-1181

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.

6.8 2009-04-23 CVE-2009-1180

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.

6.8 2009-04-23 CVE-2009-1179

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

6.8 2009-04-23 CVE-2009-0800

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

4.3 2009-04-23 CVE-2009-0799

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.

4.3 2009-04-23 CVE-2009-0166

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.

5 2009-03-03 CVE-2009-0756

The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.

5 2009-03-03 CVE-2009-0755

The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.

7.5 2008-07-07 CVE-2008-2950

The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.

6.8 2008-04-18 CVE-2008-1693

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.

6.8 2007-07-30 CVE-2007-3387

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

5 2005-12-31 CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10 2005-12-31 CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

5 2005-12-31 CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CWE : Common Weakness Enumeration

%idName
47% (11) CWE-189 Numeric Errors
30% (7) CWE-399 Resource Management Errors
8% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (2) CWE-20 Improper Input Validation
4% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
59825 Poppler PDF Handling Multiple Unspecified Overflows
59184 Poppler XRef.cc ObjectStream::ObjectStream Function PDF Handling Overflow
59183 Xpdf XRef.cc ObjectStream::ObjectStream Function PDF Handling Overflow
59182 Poppler PSOutputDev::doImageL1Sep Function PDF Handling Overflow
59181 Xpdf PSOutputDev::doImageL1Sep Function PDF Handling Overflow
59180 Poppler Stream.cc ImageStream::ImageStream Function PDF Handling Overflow
59179 Xpdf Stream.cc ImageStream::ImageStream Function PDF Handling Overflow
59178 Poppler SplashBitmap::SplashBitmap Function PDF Handling Overflow
59177 Xpdf SplashBitmap::SplashBitmap Function PDF Handling Overflow
59176 Poppler Splash.cc Splash::drawImage Function PDF Handling Arbitrary Code Exec...
59175 Xpdf Splash.cc Splash::drawImage Function PDF Handling Arbitrary Code Execution
59143 Poppler glib/poppler-page.cc create_surface_from_thumbnail_data Function Over...
54808 Poppler JBIG2 Decoder SplashBitmap Handling Overflow
54807 Poppler JBIG2 Decoder CairoOutputDev Handling Overflow
54489 Xpdf JBIG2 Decoder PDF File Handling Unitialized Memory Free DoS
54488 CUPS JBIG2 Decoder PDF File Handling Unitialized Memory Free DoS
54487 Poppler JBIG2 Decoder PDF File Handling Out-of-bounds Read DoS
54486 Xpdf JBIG2 Decoder PDF File Handling Out-of-bounds Read DoS
54485 CUPS JBIG2 Decoder PDF File Handling Out-of-bounds Read DoS
54484 Poppler JBIG2 Decoder PDF File Handling NULL Dereference DoS
54483 Xpdf JBIG2 Decoder PDF File Handling NULL Dereference DoS
54482 CUPS JBIG2 Decoder PDF File Handling NULL Dereference DoS
54481 Poppler JBIG2 Decoder PDF File Handling Invalid Free Arbitrary Code Execution
54480 Xpdf JBIG2 Decoder PDF File Handling Invalid Free Arbitrary Code Execution
54479 CUPS JBIG2 Decoder PDF File Handling Invalid Free Arbitrary Code Execution

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2011-11-18 Name : Mandriva Update for poppler MDVSA-2011:175 (poppler)
File : nvt/gb_mandriva_MDVSA_2011_175.nasl
2011-08-09 Name : CentOS Update for cups CESA-2009:0429 centos4 i386
File : nvt/gb_CESA-2009_0429_cups_centos4_i386.nasl
2011-08-09 Name : CentOS Update for cups CESA-2009:0429 centos5 i386
File : nvt/gb_CESA-2009_0429_cups_centos5_i386.nasl
2011-08-09 Name : CentOS Update for xpdf CESA-2009:0430 centos3 i386
File : nvt/gb_CESA-2009_0430_xpdf_centos3_i386.nasl
2011-08-09 Name : CentOS Update for xpdf CESA-2009:0430 centos4 i386
File : nvt/gb_CESA-2009_0430_xpdf_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kdegraphics CESA-2009:0431 centos4 i386
File : nvt/gb_CESA-2009_0431_kdegraphics_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kdegraphics CESA-2009:0431 centos5 i386
File : nvt/gb_CESA-2009_0431_kdegraphics_centos5_i386.nasl
2011-08-09 Name : CentOS Update for gpdf CESA-2009:0458 centos4 i386
File : nvt/gb_CESA-2009_0458_gpdf_centos4_i386.nasl
2011-08-09 Name : CentOS Update for poppler CESA-2009:0480 centos5 i386
File : nvt/gb_CESA-2009_0480_poppler_centos5_i386.nasl
2011-08-09 Name : CentOS Update for xpdf CESA-2009:1500 centos3 i386
File : nvt/gb_CESA-2009_1500_xpdf_centos3_i386.nasl
2011-08-09 Name : CentOS Update for xpdf CESA-2009:1501 centos4 i386
File : nvt/gb_CESA-2009_1501_xpdf_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kdegraphics CESA-2009:1502 centos5 i386
File : nvt/gb_CESA-2009_1502_kdegraphics_centos5_i386.nasl
2011-08-09 Name : CentOS Update for gpdf CESA-2009:1503 centos4 i386
File : nvt/gb_CESA-2009_1503_gpdf_centos4_i386.nasl
2011-08-09 Name : CentOS Update for poppler CESA-2009:1504 centos5 i386
File : nvt/gb_CESA-2009_1504_poppler_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kdegraphics CESA-2009:1512 centos4 i386
File : nvt/gb_CESA-2009_1512_kdegraphics_centos4_i386.nasl
2011-08-09 Name : CentOS Update for cups CESA-2009:1513 centos5 i386
File : nvt/gb_CESA-2009_1513_cups_centos5_i386.nasl
2011-08-09 Name : CentOS Update for tetex CESA-2010:0400 centos5 i386
File : nvt/gb_CESA-2010_0400_tetex_centos5_i386.nasl
2010-10-19 Name : CentOS Update for cups CESA-2010:0755 centos4 i386
File : nvt/gb_CESA-2010_0755_cups_centos4_i386.nasl
2010-10-19 Name : RedHat Update for cups RHSA-2010:0755-01
File : nvt/gb_RHSA-2010_0755-01_cups.nasl
2010-08-20 Name : Ubuntu Update for koffice vulnerabilities USN-973-1
File : nvt/gb_ubuntu_USN_973_1.nasl
2010-06-03 Name : Debian Security Advisory DSA 2050-1 (kdegraphics)
File : nvt/deb_2050_1.nasl
2010-05-17 Name : CentOS Update for tetex CESA-2010:0399 centos4 i386
File : nvt/gb_CESA-2010_0399_tetex_centos4_i386.nasl
2010-05-17 Name : CentOS Update for tetex CESA-2010:0401 centos3 i386
File : nvt/gb_CESA-2010_0401_tetex_centos3_i386.nasl
2010-05-17 Name : Mandriva Update for tetex MDVSA-2010:094 (tetex)
File : nvt/gb_mandriva_MDVSA_2010_094.nasl
2010-05-07 Name : RedHat Update for tetex RHSA-2010:0399-01
File : nvt/gb_RHSA-2010_0399-01_tetex.nasl

Snort® IPS/IDS

Date Description
2014-01-10 xpdf ObjectStream integer overflow
RuleID : 24266 - Type : FILE-PDF - Revision : 4
2014-01-10 Xpdf Splash DrawImage integer overflow attempt
RuleID : 16355 - Type : FILE-PDF - Revision : 10
2014-01-10 XPDF ObjectStream integer overflow
RuleID : 16335 - Type : FILE-PDF - Revision : 9

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-10-07 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201310-03.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0720.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0729.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2007-0730.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0731.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0732.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2007-0735.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0238.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0239.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2008-0240.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2008-0262.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2009-0429.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2009-0430.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2009-0431.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2009-0458.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2009-0480.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2009-1500.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2009-1501.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2009-1503.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2009-1504.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2009-1512.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2009-1513.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0399.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0400.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0401.nasl - Type: ACT_GATHER_INFO