Oval Definition:oval:org.opensuse.security:def:20094035
Revision Date:2022-05-20Version:1
Title:CVE-2009-4035
Description:

The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2009-4035
Mitre CVE-2009-4035
SUSE CVE-2009-4035
SUSE-SR:2009:020
SUSE-SR:2009:020
SUSE-SR:2010:003
SUSE-SR:2010:003
SUSE-SR:2010:004
SUSE-SR:2010:004
Platform(s):openSUSE 11.0
openSUSE 11.1
openSUSE 11.2
SLES SDK 9 for IBM iSeries and IBM pSeries
SLES SDK 9 for IBM S/390 and IBM zSeries
SLES SDK 9 for IBM zSeries
SLES SDK 9 for IPF
SLES SDK 9 for x86
SLES SDK 9 for X86-64
SUSE Linux Enterprise 11 Moblin 2.0
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for x86
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 10 SP3
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server for SAP 10 SP2
SUSE Linux Enterprise Server for SAP Applications 11
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp2-sap is installed
  • poppler-glib less than 0.4.4-19.25
  • OR poppler-qt less than 0.4.4-19.25
  • OR poppler less than 0.4.4-19.25
  • OR
  • sles10-sp2-sdk is installed
  • AND poppler-devel less than 0.4.4-19.25
  • OR Package Information
  • sles10-sp3 is installed
  • poppler-glib less than 0.4.4-19.26.1
  • OR poppler-qt less than 0.4.4-19.26.1
  • OR poppler less than 0.4.4-19.26.1
  • OR
  • sles10-sp3-sdk is installed
  • AND poppler-devel less than 0.4.4-19.26.1
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • libpoppler-glib4-0.10.1-1.31 is installed
  • OR libpoppler-qt4-3-0.10.1-1.31 is installed
  • OR libpoppler4-0.10.1-1.31 is installed
  • OR poppler-tools-0.10.1-1.31 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND Package Information
  • libpoppler-glib4-0.10.1-1.31.1 is installed
  • OR libpoppler-qt4-3-0.10.1-1.31.1 is installed
  • OR libpoppler4-0.10.1-1.31.1 is installed
  • OR poppler-tools-0.10.1-1.31.1 is installed
    • BACK