Bug 179424

Summary: CVE-2006-0301 PDF splash handling heap overflow (FC5 test2)
Product: [Fedora] Fedora Reporter: Mark J. Cox <mjc>
Component: popplerAssignee: Kristian Høgsberg <krh>
Status: CLOSED NOTABUG QA Contact:
Severity: high Docs Contact:
Priority: medium    
Version: 5CC: security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=important,reported=20060126,source=vendorsec
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-02-09 20:23:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mark J. Cox 2006-01-31 08:25:59 UTC 
+++ This bug was initially created as a clone of Bug #179054 +++

PDF splash handling heap overflow

Dirk Mueller told vendor-sec about a buffer overflow issue in the xpdf
codebase when handling splash images.

The proposed patch is attachment 123745 [details]

-- Additional comment from bressers on 2006-01-26 16:28 EST --
There is a repoducer for this issue in attachment 123746 [details]
Comment 1 Mark J. Cox 2006-02-06 09:22:31 UTC 
ping!  if fixed in rawhide please close this bug, otherwise please try to fix
this before FC5Test3 (Feb 13)
Comment 2 Kristian Høgsberg 2006-02-09 20:23:29 UTC 
This bug doesn't affect the rawhide build of poppler.  In rawhide, poppler use
the cairo rendering backend, so the problem doesn't affect that build.