
CVE-2009-3938

Published: 13/11/2009 Updated: 17/08/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted PDF file.

Vulnerable Product

poppler poppler 0.12.0

poppler poppler 0.10.6

Vendor Advisories

Debian Bug report logs - #534680 libpoppler4: buffer overflow in the Abiword backend. Package: poppler; Maintainer for poppler is Debian freedesktop.org maintainers <pkg-freedesktop-maintainers@lists.alioth.debian.org>; Reported by: Jakub Wilk <ubanus@users.sf.net>; Date: Fri, 26 Jun 2009 10:24:13 UTC; Severity: importa ...

Several integer overflows, buffer overflows and memory allocation errors were discovered in the Poppler PDF rendering library, which may lead to denial of service or the execution of arbitrary code if a user is tricked into opening a malformed PDF document. An update for the old stable distribution (etch) will be issued soon as version 045-51etc ...