PT-2009-3369 · Poppler · Poppler

Pinar Yanardag

Publicado

2009-03-03

Atualizado

2018-10-10

CVE-2009-0756

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Poppler versions prior to 0.10.4

Description The issue allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error. This error is not properly handled by the JBIG2SymbolDict destructor and triggers an invalid memory dereference in the JBIG2Stream::readSymbolDictSeg function.

Recommendations For versions prior to 0.10.4, update to version 0.10.4 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2009-0756

Produtos afetados

Poppler

PT-2009-3369 · Poppler · Poppler

CVE-2009-0756

Identificadores relacionados

Produtos afetados

Referências · 15