PT-2009-3369 · Poppler · Poppler

Pinar Yanardag

Published

2009-03-03

Updated

2018-10-10

CVE-2009-0756

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Poppler versions prior to 0.10.4

Description The issue allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error. This error is not properly handled by the JBIG2SymbolDict destructor and triggers an invalid memory dereference in the JBIG2Stream::readSymbolDictSeg function.

Recommendations For versions prior to 0.10.4, update to version 0.10.4 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-0756

Affected Products

Poppler

PT-2009-3369 · Poppler · Poppler

CVE-2009-0756

Related Identifiers

Affected Products

References · 15