Oval Definition:	oval:com.ubuntu.xenial:def:20093604000
Revision Date: 2009-10-21 Version: 1 Title: CVE-2009-3604 on Ubuntu 16.04 LTS (xenial) - medium. Description: The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow. Family: unix Class: vulnerability Status: Reference(s): CVE-2009-3604 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information The vulnerability of the 'ipe' package in xenial is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'libextractor' package in xenial is not known (status: 'needs-triage'). It is pending evaluation. OR The 'poppler' package in xenial was vulnerable but has been fixed (note: '0.12.2-2.1ubuntu1'). OR NOT While related to the CVE in some way, the 'texlive-bin' package in xenial is not affected (note: 'linked to poppler'). OR NOT While related to the CVE in some way, the 'xpdf' package in xenial is not affected (note: '3.02-2').
BACK