CVE-2009-3938

Name of the Vulnerable Software and Affected Versions Poppler (aka libpoppler) versions 0.10.6 through 0.12.0

Description The issue is related to a buffer overflow in the ABWOutputDev::endWord function, which can be triggered by a crafted PDF file. This can lead to a denial of service and potentially allow the execution of arbitrary code. The Abiword pdftoabw utility is affected.

Recommendations For Poppler (aka libpoppler) versions 0.10.6 through 0.12.0, update to a version that fixes the buffer overflow issue in the ABWOutputDev::endWord function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.