Oval Definition:	oval:com.ubuntu.precise:def:20093608000
Revision Date: 2009-10-21 Version: 1 Title: CVE-2009-3608 on Ubuntu 12.04 LTS (precise) - medium. Description: Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. Family: unix Class: vulnerability Status: Reference(s): CVE-2009-3608 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information The vulnerability of the 'ipe' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'libextractor' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The 'poppler' package in precise was vulnerable but has been fixed (note: '0.12.2-2.1ubuntu1'). OR NOT While related to the CVE in some way, the 'texlive-bin' package in precise is not affected (note: 'linked to poppler'). OR NOT While related to the CVE in some way, the 'xpdf' package in precise is not affected (note: '3.02-2').
BACK