CVE-2009-1144

Name of the Vulnerable Software and Affected Versions Xpdf versions prior to 3.02-r2

Description The issue is related to an untrusted search path vulnerability in the Gentoo package of Xpdf. This vulnerability allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory. The problem is connected to an unset SYSTEM XPDFRC macro in a Gentoo build process that utilizes the poppler library.

Recommendations For Xpdf versions prior to 3.02-r2, update to version 3.02-r2 or later to resolve the issue.