ID CVE-2009-0755
Summary The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.
References
Vulnerable Configurations
  • cpe:2.3:a:poppler:poppler:0.1
    cpe:2.3:a:poppler:poppler:0.1
  • cpe:2.3:a:poppler:poppler:0.1.1
    cpe:2.3:a:poppler:poppler:0.1.1
  • cpe:2.3:a:poppler:poppler:0.1.2
    cpe:2.3:a:poppler:poppler:0.1.2
  • cpe:2.3:a:poppler:poppler:0.2.0
    cpe:2.3:a:poppler:poppler:0.2.0
  • cpe:2.3:a:poppler:poppler:0.3.0
    cpe:2.3:a:poppler:poppler:0.3.0
  • cpe:2.3:a:poppler:poppler:0.3.1
    cpe:2.3:a:poppler:poppler:0.3.1
  • cpe:2.3:a:poppler:poppler:0.3.2
    cpe:2.3:a:poppler:poppler:0.3.2
  • cpe:2.3:a:poppler:poppler:0.3.3
    cpe:2.3:a:poppler:poppler:0.3.3
  • cpe:2.3:a:poppler:poppler:0.4.0
    cpe:2.3:a:poppler:poppler:0.4.0
  • cpe:2.3:a:poppler:poppler:0.4.1
    cpe:2.3:a:poppler:poppler:0.4.1
  • cpe:2.3:a:poppler:poppler:0.4.2
    cpe:2.3:a:poppler:poppler:0.4.2
  • cpe:2.3:a:poppler:poppler:0.4.3
    cpe:2.3:a:poppler:poppler:0.4.3
  • cpe:2.3:a:poppler:poppler:0.4.4
    cpe:2.3:a:poppler:poppler:0.4.4
  • cpe:2.3:a:poppler:poppler:0.5.0
    cpe:2.3:a:poppler:poppler:0.5.0
  • cpe:2.3:a:poppler:poppler:0.5.1
    cpe:2.3:a:poppler:poppler:0.5.1
  • cpe:2.3:a:poppler:poppler:0.5.2
    cpe:2.3:a:poppler:poppler:0.5.2
  • cpe:2.3:a:poppler:poppler:0.5.3
    cpe:2.3:a:poppler:poppler:0.5.3
  • cpe:2.3:a:poppler:poppler:0.5.4
    cpe:2.3:a:poppler:poppler:0.5.4
  • cpe:2.3:a:poppler:poppler:0.5.9
    cpe:2.3:a:poppler:poppler:0.5.9
  • cpe:2.3:a:poppler:poppler:0.5.90
    cpe:2.3:a:poppler:poppler:0.5.90
  • cpe:2.3:a:poppler:poppler:0.5.91
    cpe:2.3:a:poppler:poppler:0.5.91
  • cpe:2.3:a:poppler:poppler:0.6.0
    cpe:2.3:a:poppler:poppler:0.6.0
  • cpe:2.3:a:poppler:poppler:0.6.1
    cpe:2.3:a:poppler:poppler:0.6.1
  • cpe:2.3:a:poppler:poppler:0.6.2
    cpe:2.3:a:poppler:poppler:0.6.2
  • cpe:2.3:a:poppler:poppler:0.6.3
    cpe:2.3:a:poppler:poppler:0.6.3
  • cpe:2.3:a:poppler:poppler:0.6.4
    cpe:2.3:a:poppler:poppler:0.6.4
  • cpe:2.3:a:poppler:poppler:0.7.0
    cpe:2.3:a:poppler:poppler:0.7.0
  • cpe:2.3:a:poppler:poppler:0.7.1
    cpe:2.3:a:poppler:poppler:0.7.1
  • cpe:2.3:a:poppler:poppler:0.7.2
    cpe:2.3:a:poppler:poppler:0.7.2
  • cpe:2.3:a:poppler:poppler:0.7.3
    cpe:2.3:a:poppler:poppler:0.7.3
  • cpe:2.3:a:poppler:poppler:0.8.4
    cpe:2.3:a:poppler:poppler:0.8.4
  • cpe:2.3:a:poppler:poppler:0.10.1
    cpe:2.3:a:poppler:poppler:0.10.1
  • cpe:2.3:a:poppler:poppler:0.10.2
    cpe:2.3:a:poppler:poppler:0.10.2
  • cpe:2.3:a:poppler:poppler:0.10.3
    cpe:2.3:a:poppler:poppler:0.10.3
CVSS
Base: 5.0 (as of 04-03-2009 - 09:16)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description Poppler 0.10.3 Multiple Denial of Service Vulnerabilities. CVE-2009-0755,CVE-2009-0756. Dos exploit for linux platform
id EDB-ID:32800
last seen 2016-02-03
modified 2009-02-12
published 2009-02-12
reporter Romario
source https://www.exploit-db.com/download/32800/
title Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1941.NASL
    description Several integer overflows, buffer overflows and memory allocation errors were discovered in the Poppler PDF rendering library, which may lead to denial of service or the execution of arbitrary code if a user is tricked into opening a malformed PDF document. An update for the old stable distribution (etch) will be issued soon as version 0.4.5-5.1etch4.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 44806
    published 2010-02-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44806
    title Debian DSA-1941-1 : poppler - several vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2009-068.NASL
    description A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bug is consequence of a wrong processing on FormWidgetChoice::loadDefaults method (CVE-2009-0755). A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bug is consequence of an invalid memory dereference on JBIG2SymbolDict::~JBIG2SymbolDict destructor when JBIG2Stream::readSymbolDictSeg method is used (CVE-2009-0756). This update provides fixes for those vulnerabilities. This update does not apply for CVE-2009-0755 under Corporate Server 4.0 libpoppler0-0.4.1-3.7.20060mlcs4. Update : The previous packages were not signed, this new update fixes that issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 36675
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36675
    title Mandriva Linux Security Advisory : poppler (MDVSA-2009:068-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-850-1.NASL
    description It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 42207
    published 2009-10-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42207
    title Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : poppler vulnerabilities (USN-850-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBPOPPLER4-090622.NASL
    description This update of poppler: fix various security bugs that occur while decoding JBIG2. (CVE-2009-0146 / CVE-2009-0147 / CVE-2009-0165 / CVE-2009-0166 / CVE-2009-0799 / CVE-2009-0800 / CVE-2009-1179 / CVE-2009-1180 / CVE-2009-1181 / CVE-2009-1182 / CVE-2009-1183) Further a denial of service bug in function FormWidgetChoice::loadDefaults() (CVE-2009-0755) and JBIG2Stream::readSymbolDictSeg() (CVE-2009-0756) was closed that could be triggered via malformed PDF files.
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 41427
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41427
    title SuSE 11 Security Update : libpoppler4 (SAT Patch Number 1034)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_POPPLER-6315.NASL
    description This update of poppler: fix various security bugs that occur while decoding JBIG2. (CVE-2009-0146 / CVE-2009-0147 / CVE-2009-0165 / CVE-2009-0166 / CVE-2009-0799 / CVE-2009-0800 / CVE-2009-1179 / CVE-2009-1180 / CVE-2009-1181 / CVE-2009-1182 / CVE-2009-1183) Further a denial of service bug in function FormWidgetChoice::loadDefaults() (CVE-2009-0755) and JBIG2Stream::readSymbolDictSeg() (CVE-2009-0756) was closed that could be triggered via malformed PDF files.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 41578
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41578
    title SuSE 10 Security Update : poppler (ZYPP Patch Number 6315)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_LIBPOPPLER3-090611.NASL
    description This update of poppler: fix various security bugs that occur while decoding JBIG2 (CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183). Further a denial of service bug in function FormWidgetChoice::loadDefaults() (CVE-2009-0755) and JBIG2Stream::readSymbolDictSeg() (CVE-2009-0756) was closed that could be triggered via malformed PDF files.
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 40042
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40042
    title openSUSE Security Update : libpoppler3 (libpoppler3-1035)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_LIBPOPPLER4-090622.NASL
    description This update of poppler: fix various security bugs that occur while decoding JBIG2 (CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183). Further a denial of service bug in function FormWidgetChoice::loadDefaults() (CVE-2009-0755) and JBIG2Stream::readSymbolDictSeg() (CVE-2009-0756) was closed that could be triggered via malformed PDF files.
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 40267
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40267
    title openSUSE Security Update : libpoppler4 (libpoppler4-1032)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_POPPLER-6319.NASL
    description This update of poppler: fix various security bugs that occur while decoding JBIG2 (CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183). Further a denial of service bug in function FormWidgetChoice::loadDefaults() (CVE-2009-0755) and JBIG2Stream::readSymbolDictSeg() (CVE-2009-0756) was closed that could be triggered via malformed PDF files.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 42030
    published 2009-10-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42030
    title openSUSE 10 Security Update : poppler (poppler-6319)
refmap via4
bid 33749
bugtraq 20090417 rPSA-2009-0059-1 poppler
confirm
debian DSA-1941
mlist
  • [oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities
  • [oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities
  • [poppler] 20090128 poppler/Form.cc
secunia
  • 33853
  • 35685
  • 37114
suse SUSE-SR:2009:012
ubuntu USN-850-1
statements via4
contributor Tomas Hoger
lastmodified 2009-07-15
organization Red Hat
statement Not vulnerable. This issue did not affect the versions of poppler, xpdf, gpdf and kdegraphics as shipped with Red Hat Enterprise Linux 3, 4, or 5.
Last major update 19-12-2009 - 01:53
Published 03-03-2009 - 11:30
Last modified 10-10-2018 - 15:30
Back to Top