Описание
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | ignored | end of life |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| dapper | ignored | end of life |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | not-affected | linked to poppler |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | ignored | end of life |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | does not use xpdf anymore |
| cosmic | ignored | end of life |
| dapper | ignored | end of life |
| devel | not-affected | does not use xpdf anymore |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | not-affected | does not use xpdf anymore |
| esm-apps/focal | not-affected | does not use xpdf anymore |
| esm-apps/jammy | not-affected | does not use xpdf anymore |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | ignored | end of life |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | ignored | end of life |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 0.12.2-2.1ubuntu1 |
| bionic | released | 0.12.2-2.1ubuntu1 |
| cosmic | released | 0.12.2-2.1ubuntu1 |
| dapper | released | 0.5.1-0ubuntu7.6 |
| devel | released | 0.12.2-2.1ubuntu1 |
| disco | released | 0.12.2-2.1ubuntu1 |
| eoan | released | 0.12.2-2.1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [0.12.2-2.1ubuntu1]] |
| esm-infra/bionic | released | 0.12.2-2.1ubuntu1 |
| esm-infra/focal | released | 0.12.2-2.1ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | not-affected | linked to poppler |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | linked to poppler |
| bionic | not-affected | linked to poppler |
| cosmic | not-affected | linked to poppler |
| dapper | DNE | |
| devel | not-affected | linked to poppler |
| disco | not-affected | linked to poppler |
| eoan | not-affected | linked to poppler |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [linked to poppler]] |
| esm-infra/bionic | not-affected | linked to poppler |
| esm-infra/focal | not-affected | linked to poppler |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 3.02-2 |
| bionic | not-affected | 3.02-2 |
| cosmic | not-affected | 3.02-2 |
| dapper | ignored | end of life |
| devel | not-affected | |
| disco | not-affected | 3.02-2 |
| eoan | not-affected | 3.02-2 |
| esm-apps/bionic | not-affected | 3.02-2 |
| esm-apps/jammy | not-affected | |
| esm-apps/noble | not-affected |
Показывать по
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3. ...
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.
ELSA-2009-1504: poppler security and bug fix update (IMPORTANT)
EPSS
9.3 Critical
CVSS2