CVE-2009-3608: Buffer Overflow
First published: Thu Oct 01 2009(Updated: )
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/xpdf | <1:3.00-22.el4_8.1 | 1:3.00-22.el4_8.1 |
| redhat/gpdf | <0:2.8.2-7.7.2.el4_8.5 | 0:2.8.2-7.7.2.el4_8.5 |
| redhat/kdegraphics | <7:3.3.1-15.el4_8.2 | 7:3.3.1-15.el4_8.2 |
| redhat/kdegraphics | <7:3.5.4-15.el5_4.2 | 7:3.5.4-15.el5_4.2 |
| redhat/poppler | <0:0.5.4-4.4.el5_4.11 | 0:0.5.4-4.4.el5_4.11 |
| redhat/cups | <1:1.3.7-11.el5_4.3 | 1:1.3.7-11.el5_4.3 |
| redhat/tetex | <0:3.0-33.8.el5_5.5 | 0:3.0-33.8.el5_5.5 |
| Xpdf | =3.02pl1 | |
| Xpdf | =3.02pl2 | |
| Xpdf | =3.02pl3 | |
| Glyph & Cog XpdfReader | =3.00 | |
| Glyph & Cog XpdfReader | =3.01 | |
| Glyph & Cog XpdfReader | =3.02 | |
| Poppler Utilities | <=0.12.0 | |
| Poppler Utilities | =0.1 | |
| Poppler Utilities | =0.1.1 | |
| Poppler Utilities | =0.1.2 | |
| Poppler Utilities | =0.2.0 | |
| Poppler Utilities | =0.3.0 | |
| Poppler Utilities | =0.3.1 | |
| Poppler Utilities | =0.3.2 | |
| Poppler Utilities | =0.3.3 | |
| Poppler Utilities | =0.4.0 | |
| Poppler Utilities | =0.4.1 | |
| Poppler Utilities | =0.4.2 | |
| Poppler Utilities | =0.4.3 | |
| Poppler Utilities | =0.4.4 | |
| Poppler Utilities | =0.5.0 | |
| Poppler Utilities | =0.5.1 | |
| Poppler Utilities | =0.5.2 | |
| Poppler Utilities | =0.5.3 | |
| Poppler Utilities | =0.5.4 | |
| Poppler Utilities | =0.5.9 | |
| Poppler Utilities | =0.6.0 | |
| Poppler Utilities | =0.6.1 | |
| Poppler Utilities | =0.6.2 | |
| Poppler Utilities | =0.6.3 | |
| Poppler Utilities | =0.6.4 | |
| Poppler Utilities | =0.7.0 | |
| Poppler Utilities | =0.7.1 | |
| Poppler Utilities | =0.7.2 | |
| Poppler Utilities | =0.7.3 | |
| Poppler Utilities | =0.8.0 | |
| Poppler Utilities | =0.8.1 | |
| Poppler Utilities | =0.8.2 | |
| Poppler Utilities | =0.8.3 | |
| Poppler Utilities | =0.8.4 | |
| Poppler Utilities | =0.8.6 | |
| Poppler Utilities | =0.8.7 | |
| Poppler Utilities | =0.9.0 | |
| Poppler Utilities | =0.9.1 | |
| Poppler Utilities | =0.9.2 | |
| Poppler Utilities | =0.9.3 | |
| Poppler Utilities | =0.10.0 | |
| Poppler Utilities | =0.10.1 | |
| Poppler Utilities | =0.10.2 | |
| Poppler Utilities | =0.10.3 | |
| Poppler Utilities | =0.10.4 | |
| Poppler Utilities | =0.10.5 | |
| Poppler Utilities | =0.10.6 | |
| Poppler Utilities | =0.10.7 | |
| Poppler Utilities | =0.11.0 | |
| Poppler Utilities | =0.11.1 | |
| Poppler Utilities | =0.11.2 | |
| Poppler Utilities | =0.11.3 | |
| Glyph & Cog pdftops | ||
| GNOME GPDF | ||
| KDE KPDF | ||
| teTeX |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/37034
- http://www.securityfocus.com/bid/36703
- http://www.vupen.com/english/advisories/2009/2925
- http://www.vupen.com/english/advisories/2009/2926
- http://secunia.com/advisories/37054
- http://secunia.com/advisories/37053
- http://poppler.freedesktop.org/
- https://rhn.redhat.com/errata/RHSA-2009-1512.html
- https://rhn.redhat.com/errata/RHSA-2009-1503.html
- http://secunia.com/advisories/37051
- http://secunia.com/advisories/37061
- http://securitytracker.com/id?1023029
- http://secunia.com/advisories/37028
- https://rhn.redhat.com/errata/RHSA-2009-1504.html
- http://www.vupen.com/english/advisories/2009/2928
- https://bugzilla.redhat.com/show_bug.cgi?id=526637
- http://www.vupen.com/english/advisories/2009/2924
- https://rhn.redhat.com/errata/RHSA-2009-1513.html
- https://rhn.redhat.com/errata/RHSA-2009-1501.html
- http://secunia.com/advisories/37037
- http://secunia.com/advisories/37043
- https://rhn.redhat.com/errata/RHSA-2009-1502.html
- http://secunia.com/advisories/37077
- http://www.ocert.org/advisories/ocert-2009-016.html
- http://secunia.com/advisories/37079
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:287
- http://secunia.com/advisories/37159
- https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
- https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
- http://www.ubuntu.com/usn/USN-850-1
- http://secunia.com/advisories/37114
- http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
- http://www.debian.org/security/2009/dsa-1941
- http://www.openwall.com/lists/oss-security/2009/12/01/5
- http://www.openwall.com/lists/oss-security/2009/12/01/1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
- http://www.openwall.com/lists/oss-security/2009/12/01/6
- http://www.ubuntu.com/usn/USN-850-3
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:334
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
- http://www.vupen.com/english/advisories/2010/0802
- http://www.debian.org/security/2010/dsa-2028
- http://secunia.com/advisories/39327
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
- http://www.debian.org/security/2010/dsa-2050
- http://secunia.com/advisories/39938
- http://www.vupen.com/english/advisories/2010/1220
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53794
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536
- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=19351
- http://cgit.freedesktop.org/poppler/poppler/commit/?id=c36d8afc
- http://cgit.freedesktop.org/poppler/poppler/commit/?id=f41fa9ee
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=363288&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=363288&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=363744&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=363744&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=364871&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=364871&action=edit
- https://access.redhat.com/security/cve/CVE-2009-3604
- https://access.redhat.com/security/cve/CVE-2009-3606
- https://access.redhat.com/security/cve/CVE-2009-3608
- https://access.redhat.com/security/cve/CVE-2009-3609
- https://bugzilla.redhat.com/show_bug.cgi/ftp:/ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=526637#c15
- http://cgit.freedesktop.org/poppler/poppler/commit/?id=1082e1671a
- http://poppler.freedesktop.org/releases.html
- http://admin.fedoraproject.org/updates/poppler-0.8.7-7.fc10
- http://admin.fedoraproject.org/updates/poppler-0.10.7-3.fc11
- https://access.redhat.com/security/cve/CVE-2009-3908
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3908
- https://rhn.redhat.com/errata/RHSA-2010-0400.html
- https://www.cve.org/CVERecord?id=CVE-2009-3608 https://nvd.nist.gov/vuln/detail/CVE-2009-3608
- https://access.redhat.com/errata/RHSA-2009:1501
- https://access.redhat.com/errata/RHSA-2009:1503
- https://access.redhat.com/errata/RHSA-2009:1512
- https://access.redhat.com/errata/RHSA-2009:1502
- https://access.redhat.com/errata/RHSA-2009:1504
- https://access.redhat.com/errata/RHSA-2009:1513
- https://access.redhat.com/errata/RHSA-2010:0400
- https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2009-3608?
CVE-2009-3608 is classified as a critical vulnerability due to its potential to allow remote code execution via crafted PDF documents.
How do I fix CVE-2009-3608?
To fix CVE-2009-3608, update Xpdf to version 3.02pl4 or later, and ensure affected software packages like Gpdf, kdegraphics, Poppler, CUPS, and teTeX are also updated to their respective fixed versions.
Which software is affected by CVE-2009-3608?
CVE-2009-3608 affects Xpdf versions prior to 3.02pl4, Poppler before 0.12.1, and various other applications like Gpdf, kdegraphics KPDF, and CUPS.
Can CVE-2009-3608 be exploited remotely?
Yes, CVE-2009-3608 can be exploited remotely through specially crafted PDF files designed to trigger the vulnerability.
What are the consequences of exploiting CVE-2009-3608?
Exploiting CVE-2009-3608 can lead to arbitrary code execution on the affected system, which may compromise its integrity and security.
- collector/nvd-historical
- agent/type
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2009-3608
- agent/remedy
- agent/first-publish-date
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/weakness
- collector/redhat-cve
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/foolabs
- canonical/xpdf
- version/xpdf/3.02pl1
- version/xpdf/3.02pl2
- version/xpdf/3.02pl3
- vendor/glyphandcog
- canonical/glyph & cog xpdfreader
- version/glyph & cog xpdfreader/3.00
- version/glyph & cog xpdfreader/3.01
- version/glyph & cog xpdfreader/3.02
- vendor/poppler
- canonical/poppler utilities
- version/poppler utilities/0.12.0
- version/poppler utilities/0.1
- version/poppler utilities/0.1.1
- version/poppler utilities/0.1.2
- version/poppler utilities/0.2.0
- version/poppler utilities/0.3.0
- version/poppler utilities/0.3.1
- version/poppler utilities/0.3.2
- version/poppler utilities/0.3.3
- version/poppler utilities/0.4.0
- version/poppler utilities/0.4.1
- version/poppler utilities/0.4.2
- version/poppler utilities/0.4.3
- version/poppler utilities/0.4.4
- version/poppler utilities/0.5.0
- version/poppler utilities/0.5.1
- version/poppler utilities/0.5.2
- version/poppler utilities/0.5.3
- version/poppler utilities/0.5.4
- version/poppler utilities/0.5.9
- version/poppler utilities/0.6.0
- version/poppler utilities/0.6.1
- version/poppler utilities/0.6.2
- version/poppler utilities/0.6.3
- version/poppler utilities/0.6.4
- version/poppler utilities/0.7.0
- version/poppler utilities/0.7.1
- version/poppler utilities/0.7.2
- version/poppler utilities/0.7.3
- version/poppler utilities/0.8.0
- version/poppler utilities/0.8.1
- version/poppler utilities/0.8.2
- version/poppler utilities/0.8.3
- version/poppler utilities/0.8.4
- version/poppler utilities/0.8.6
- version/poppler utilities/0.8.7
- version/poppler utilities/0.9.0
- version/poppler utilities/0.9.1
- version/poppler utilities/0.9.2
- version/poppler utilities/0.9.3
- version/poppler utilities/0.10.0
- version/poppler utilities/0.10.1
- version/poppler utilities/0.10.2
- version/poppler utilities/0.10.3
- version/poppler utilities/0.10.4
- version/poppler utilities/0.10.5
- version/poppler utilities/0.10.6
- version/poppler utilities/0.10.7
- version/poppler utilities/0.11.0
- version/poppler utilities/0.11.1
- version/poppler utilities/0.11.2
- version/poppler utilities/0.11.3
- vendor/glyph and cog
- canonical/glyph & cog pdftops
- vendor/gnome
- canonical/gnome gpdf
- vendor/kde
- canonical/kde kpdf
- vendor/tetex
- canonical/tetex