QwikSec

Security Database

CVE

CWE

Training

CVE-2009-4035

Published: Dec 21, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_BID

http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

xpdf-fofitype1parse-bo(54831)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

oval:org.mitre.oval:def:10996

vdb-entry

signature

x_refsource_OVAL

SUSE-SR:2010:003

vendor-advisory

x_refsource_SUSE

http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=541614

x_refsource_CONFIRM

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.