Oval Definition:	oval:com.ubuntu.xenial:def:20093608000
Revision Date: 2009-10-21 Version: 1 Title: CVE-2009-3608 on Ubuntu 16.04 LTS (xenial) - medium. Description: Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. Family: unix Class: vulnerability Status: Reference(s): CVE-2009-3608 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information The vulnerability of the 'ipe' package in xenial is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'libextractor' package in xenial is not known (status: 'needs-triage'). It is pending evaluation. OR The 'poppler' package in xenial was vulnerable but has been fixed (note: '0.12.2-2.1ubuntu1'). OR NOT While related to the CVE in some way, the 'texlive-bin' package in xenial is not affected (note: 'linked to poppler'). OR NOT While related to the CVE in some way, the 'xpdf' package in xenial is not affected (note: '3.02-2').
BACK