Upstream information

CVE-2009-3605 at MITRE


Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/; (2), (3), (4), (5), (6), and (7) in poppler/; and (8), (9), and (10) in splash/. NOTE: this may overlap CVE-2009-0791.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 6.8
Vector AV:N/AC:M/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entries: 539875 [RESOLVED / FIXED], 546400 [RESOLVED / FIXED], 546404 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 06:59:09 2013
CVE page last modified: Mon Feb 13 11:26:51 2023