An integer overflow was found in poppler's CairoOutputDev::drawImage method. A malicious PDF file could cause poppler to execute with permissions of the user calling the library. Will Dormann of the CERT/CC created the extensive testsuite for the JBIG2 decoder in various PDF libraries that found this flaw. Acknowledgements: Red Hat would like to thank Will Dormann of the CERT/CC for responsibly reporting this flaw.
CVE-2009-1187: Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:0480 https://rhn.redhat.com/errata/RHSA-2009-0480.html