| Revision Date: | 2013-04-29 | Version: | 11 | | Title: | The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow. | | Description: | The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2009-4035
| | Platform(s): | CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 4
| Product(s): | | | Definition Synopsis | | RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND Configuration section
kdegraphics-devel is earlier than 7:3.3.1-17.el4_8.1
OR gpdf is earlier than 0:2.8.2-7.7.2.el4_8.6
OR xpdf is earlier than 1:3.00-23.el4_8.1
OR kdegraphics is earlier than 7:3.3.1-17.el4_8.1
|
|