An integer overflow was found in poppler's CairoOutputDev::drawImage
method. A malicious PDF file could cause poppler to execute with
permissions of the user calling the library.
Will Dormann of the CERT/CC created the extensive testsuite for the JBIG2
decoder in various PDF libraries that found this flaw.
Red Hat would like to thank Will Dormann of the CERT/CC for responsibly reporting this flaw.
Integer overflow in the JBIG2 decoding feature in Poppler before
0.10.6 allows remote attackers to cause a denial of service (crash)
and possibly execute arbitrary code via vectors related to
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2009:0480 https://rhn.redhat.com/errata/RHSA-2009-0480.html