Vulnerability Details : CVE-2009-3604
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.
Vulnerability category: Overflow, Memory Corruption, Execute code, Denial of service
Products affected by CVE-2009-3604
- cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-3604
- 43.67%: Probability of exploitation activity in the next 30 days
- ~ 97 %: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-3604
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
CWE ids for CVE-2009-3604
- Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-3604
- http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
- https://rhn.redhat.com/errata/RHSA-2009-1501.html
  RHSA-2009:1501 - Security Advisory - Red Hat Customer Portal
- https://rhn.redhat.com/errata/RHSA-2009-1503.html
  RHSA-2009:1503 - Security Advisory - Red Hat Customer Portal
- http://www.ubuntu.com/usn/USN-850-3
  USN-850-3: poppler vulnerabilities | Ubuntu security notices | Ubuntu
- https://rhn.redhat.com/errata/RHSA-2009-1512.html
  RHSA-2009:1512 - Security Advisory - Red Hat Customer Portal
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
  Mandriva
- http://www.debian.org/security/2010/dsa-2028
  [SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities
- https://bugzilla.redhat.com/show_bug.cgi?id=526911
  526911 – (CVE-2009-3604) CVE-2009-3604 xpdf/poppler: Splash::drawImage integer overflow and missing allocation return value check
  Tags: Patch
- http://www.ubuntu.com/usn/USN-850-1
  USN-850-1: poppler vulnerabilities | Ubuntu security notices | Ubuntu
- http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
  [security-announce] SUSE Security Summary Report: SUSE-SR:2009:018 - openSUSE Security Announce - openSUSE Mailing Lists
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53795
  Xpdf Splash::drawImage() buffer overflow CVE-2009-3604 Vulnerability Report
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969
- http://site.pi3.com.pl/adv/xpdf.txt
  Tags: Exploit
- http://www.securityfocus.com/bid/36703
  Tags: Exploit; Patch
- ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch
  Tags: Patch
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
- http://www.vupen.com/english/advisories/2009/2928
  Tags: Patch; Vendor Advisory
- http://www.vupen.com/english/advisories/2010/0802
- http://www.vupen.com/english/advisories/2010/1040
- http://www.debian.org/security/2010/dsa-2050
  [SECURITY] [DSA 2050-1] New kdegraphics packages fix several vulnerabilities
- http://securitytracker.com/id?1023029
- https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
  [SECURITY] Fedora 10 Update: poppler-0.8.7-7.fc10
- http://www.vupen.com/english/advisories/2009/2924
  Tags: Patch; Vendor Advisory
- https://rhn.redhat.com/errata/RHSA-2009-1502.html
  RHSA-2009:1502 - Security Advisory - Red Hat Customer Portal
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
  Mandriva
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
- https://rhn.redhat.com/errata/RHSA-2009-1500.html
  RHSA-2009:1500 - Security Advisory - Red Hat Customer Portal
- https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
  [SECURITY] Fedora 11 Update: poppler-0.10.7-3.fc11
- http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2
- http://www.vupen.com/english/advisories/2010/1220
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:287
  Mandriva