{ "threat_severity" : "Important", "public_date" : "2009-04-16T00:00:00Z", "bugzilla" : { "description" : "xpdf/poppler: SplashBitmap integer overflow", "id" : "495907", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=495907" }, "cvss" : { "cvss_base_score" : "6.8", "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status" : "verified" }, "cwe" : "CWE-190", "details" : [ "Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document." ], "acknowledgement" : "Red Hat would like to thank Will Dormann (CERT/CC) for reporting this issue.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 4", "release_date" : "2009-10-15T00:00:00Z", "advisory" : "RHSA-2009:1501", "cpe" : "cpe:/o:redhat:enterprise_linux:4", "package" : "xpdf-1:3.00-22.el4_8.1" }, { "product_name" : "Red Hat Enterprise Linux 4", "release_date" : "2009-10-15T00:00:00Z", "advisory" : "RHSA-2009:1503", "cpe" : "cpe:/o:redhat:enterprise_linux:4", "package" : "gpdf-0:2.8.2-7.7.2.el4_8.5" }, { "product_name" : "Red Hat Enterprise Linux 4", "release_date" : "2009-10-15T00:00:00Z", "advisory" : "RHSA-2009:1512", "cpe" : "cpe:/o:redhat:enterprise_linux:4", "package" : "kdegraphics-7:3.3.1-15.el4_8.2" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2009-05-13T00:00:00Z", "advisory" : "RHSA-2009:0480", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "poppler-0:0.5.4-4.4.el5_3.9" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2009-10-15T00:00:00Z", "advisory" : "RHSA-2009:1502", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "kdegraphics-7:3.5.4-15.el5_4.2" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2009-1188\nhttps://nvd.nist.gov/vuln/detail/CVE-2009-1188" ], "name" : "CVE-2009-1188", "csaw" : false }