Red Hat Bugzilla – Bug 488337
CVE-2009-0755 poppler/evince: DoS via crafted PDF file
Last modified: 2009-12-04 09:55:28 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0755 to
the following vulnerability:
Reference: MLIST:[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities
Reference: URL: http://www.openwall.com/lists/oss-security/2009/02/13/1
Reference: MLIST:[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities
Reference: URL: http://www.openwall.com/lists/oss-security/2009/02/19/2
Reference: MLIST:[poppler] 20090128 poppler/Form.cc
Reference: URL: http://lists.freedesktop.org/archives/poppler/2009-January/004406.html
Reference: CONFIRM: http://bugs.freedesktop.org/show_bug.cgi?id=19790
Reference: URL: http://secunia.com/advisories/33853
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4
allows remote attackers to cause a denial of service (crash) via a PDF
file with an invalid Form Opt entry.
Upstream commit is:
This causes out of bounds read and crash.
Affected code is not part of poppler shipped in Red Hat Enterprise Linux 5, any xpdf version (including latest upstream 3.02pl3), or any other xpdf-based reader shipped in Red Hat Enterprise Linux 3, 4, or 5.
Fedora 11 and later currently includes poppler 0.10.5 or later, which already contains the fix. This flaw only exists in Fedora 10 at the moment. So possible candidate for inclusion in future F10 poppler update, if any.
As noted above, this currently only affect poppler version in F10. As F10 will reach EOL soon and no other poppler update is planned for more important bug or security fix, this will remain unfixed in F10.