Novell Home

CVE-2009-3607

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2009-3607 at MITRE

Description

Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

NVD CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 546393, 566697

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.1
  • poppler-debuginfo >= 0.10.1-1.7.1
  • poppler-debugsource >= 0.10.1-1.7.1
openSUSE 11.1
  • libpoppler-devel >= 0.10.1-1.7.1
  • libpoppler-doc >= 0.10.1-1.7.1
  • libpoppler-glib-devel >= 0.10.1-1.7.1
  • libpoppler-glib4 >= 0.10.1-1.7.1
  • libpoppler-qt2 >= 0.10.1-1.7.1
  • libpoppler-qt3-devel >= 0.10.1-1.7.1
  • libpoppler-qt4-3 >= 0.10.1-1.7.1
  • libpoppler-qt4-devel >= 0.10.1-1.7.1
  • libpoppler4 >= 0.10.1-1.7.1
  • poppler-tools >= 0.10.1-1.7.1
SUSE Linux Enterprise 11 Moblin 2.0
  • poppler-debuginfo >= 0.11.2-1.7.1
  • poppler-debugsource >= 0.11.2-1.7.1
SAT Patch Nr: 1932
SUSE Linux Enterprise 11 Moblin 2.0
  • libpoppler-glib4 >= 0.11.2-1.7.1
  • libpoppler4 >= 0.10.1-1.34.3
  • libpoppler5 >= 0.11.2-1.7.1
SAT Patch Nr: 1932
openSUSE 11.2
  • libpoppler-qt2-debuginfo >= 0.12.0-2.1.1
  • poppler-debugsource >= 0.12.0-2.1.1
openSUSE 11.2
  • libpoppler-devel >= 0.12.0-2.1.1
  • libpoppler-doc >= 0.12.0-2.1.1
  • libpoppler-glib-devel >= 0.12.0-2.1.1
  • libpoppler-glib4 >= 0.12.0-2.1.1
  • libpoppler-qt2 >= 0.12.0-2.1.1
  • libpoppler-qt3-devel >= 0.12.0-2.1.1
  • libpoppler-qt4-3 >= 0.12.0-2.1.1
  • libpoppler-qt4-devel >= 0.12.0-2.1.1
  • libpoppler5 >= 0.12.0-2.1.1
  • poppler-tools >= 0.12.0-2.1.1
SUSE Linux Enterprise 11 GA DEBUGINFO
  • poppler-debuginfo >= 0.10.1-1.31.1
  • poppler-debugsource >= 0.10.1-1.31.1
sle11-sdk.ia64
sle11-debuginfo.x86-64
sle11-sdk.x86-64
sles11.x86-64
sle11-debuginfo.s390x
sled11.x86
sles11.x86
sle11-sdk.ppc
sles11.s390x
sle11-debuginfo.x86
sle11-debuginfo.ppc
sle11-debuginfo.ia64
sles11.ia64
sled11.x86-64
sle11-sdk.x86
sles11.ppc
sle11-sdk.s390x
SAT Patch Nr: 1731
SUSE Linux Enterprise SDK 11 GA
  • libpoppler-devel >= 0.10.1-1.31.1
  • libpoppler-glib-devel >= 0.10.1-1.31.1
  • libpoppler-qt2 >= 0.10.1-1.31.1
  • libpoppler-qt3-devel >= 0.10.1-1.31.1
  • libpoppler-qt4-devel >= 0.10.1-1.31.1
  • poppler-tools >= 0.10.1-1.31.1
sle11-sdk.ia64
sle11-debuginfo.x86-64
sle11-sdk.x86-64
sles11.x86-64
sle11-debuginfo.s390x
sled11.x86
sles11.x86
sle11-sdk.ppc
sles11.s390x
sle11-debuginfo.x86
sle11-debuginfo.ppc
sle11-debuginfo.ia64
sles11.ia64
sled11.x86-64
sle11-sdk.x86
sles11.ppc
sle11-sdk.s390x
SAT Patch Nr: 1731
SUSE Linux Enterprise SDK 11 GA
  • libpoppler-devel >= 0.10.1-1.31.1
  • libpoppler-glib-devel >= 0.10.1-1.31.1
  • libpoppler-qt2 >= 0.10.1-1.31.1
  • libpoppler-qt3-devel >= 0.10.1-1.31.1
  • libpoppler-qt4-devel >= 0.10.1-1.31.1
sle11-sdk.ia64
sle11-debuginfo.x86-64
sle11-sdk.x86-64
sles11.x86-64
sle11-debuginfo.s390x
sled11.x86
sles11.x86
sle11-sdk.ppc
sles11.s390x
sle11-debuginfo.x86
sle11-debuginfo.ppc
sle11-debuginfo.ia64
sles11.ia64
sled11.x86-64
sle11-sdk.x86
sles11.ppc
sle11-sdk.s390x
SAT Patch Nr: 1731
SUSE Linux Enterprise Desktop 11 GA
  • libpoppler-glib4 >= 0.10.1-1.31.1
  • libpoppler-qt4-3 >= 0.10.1-1.31.1
  • libpoppler4 >= 0.10.1-1.31.1
sle11-sdk.ia64
sle11-debuginfo.x86-64
sle11-sdk.x86-64
sles11.x86-64
sle11-debuginfo.s390x
sled11.x86
sles11.x86
sle11-sdk.ppc
sles11.s390x
sle11-debuginfo.x86
sle11-debuginfo.ppc
sle11-debuginfo.ia64
sles11.ia64
sled11.x86-64
sle11-sdk.x86
sles11.ppc
sle11-sdk.s390x
SAT Patch Nr: 1731
SUSE Linux Enterprise Server 11 GA
  • libpoppler-glib4 >= 0.10.1-1.31.1
  • libpoppler-qt4-3 >= 0.10.1-1.31.1
  • libpoppler4 >= 0.10.1-1.31.1
  • poppler-tools >= 0.10.1-1.31.1
sle11-sdk.ia64
sle11-debuginfo.x86-64
sle11-sdk.x86-64
sles11.x86-64
sle11-debuginfo.s390x
sled11.x86
sles11.x86
sle11-sdk.ppc
sles11.s390x
sle11-debuginfo.x86
sle11-debuginfo.ppc
sle11-debuginfo.ia64
sles11.ia64
sled11.x86-64
sle11-sdk.x86
sles11.ppc
sle11-sdk.s390x
SAT Patch Nr: 1731
openSUSE 11.0
  • poppler-debuginfo >= 0.8.2-1.5
  • poppler-debugsource >= 0.8.2-1.5
openSUSE 11.0
  • libpoppler-devel >= 0.8.2-1.5
  • libpoppler-doc >= 0.8.2-1.5
  • libpoppler-glib-devel >= 0.8.2-1.5
  • libpoppler-glib3 >= 0.8.2-1.5
  • libpoppler-qt2 >= 0.8.2-1.5
  • libpoppler-qt3-devel >= 0.8.2-1.5
  • libpoppler-qt4-3 >= 0.8.2-1.5
  • libpoppler-qt4-devel >= 0.8.2-1.5
  • libpoppler3 >= 0.8.2-1.5
  • poppler-tools >= 0.8.2-1.5

© 2014 Novell