Oval Definition:	oval:com.ubuntu.cosmic:def:200936040000000
Revision Date: 2009-10-21 Version: 1 Title: CVE-2009-3604 on Ubuntu 18.10 (cosmic) - medium. Description: The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow. Family: unix Class: vulnerability Status: Reference(s): CVE-2009-3604 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND Package Information ipe: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life'). OR libextractor: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life'). OR poppler package in cosmic was vulnerable but has been fixed (note: '0.12.2-2.1ubuntu1'). OR xpdf package in cosmic, is related to the CVE in some way and has been fixed (note: '3.02-2').
BACK