Lucene search

K

[email protected]NVD:CVE-2009-3938

HistoryNov 13, 2009 - 4:30 p.m.

CVE-2009-3938

2009-11-1316:30:00

CWE-119

[email protected]

web.nvd.nist.gov

7

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

High

EPSS

0.027

Percentile

90.5%

Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file.

Affected configurations

Nvd

Node

popplerpopplerMatch0.10.6

OR

popplerpopplerMatch0.12.0

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680

bugs.freedesktop.org/attachment.cgi?id=30599&action=edit

bugs.freedesktop.org/show_bug.cgi?id=23074

secunia.com/advisories/37333

www.debian.org/security/2009/dsa-1941

www.mandriva.com/security/advisories?name=MDVSA-2011:175

www.securityfocus.com/bid/36976

www.vupen.com/english/advisories/2009/3227

exchange.xforce.ibmcloud.com/vulnerabilities/54215

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

High

EPSS

0.027

Percentile

90.5%

Related for NVD:CVE-2009-3938

ubuntucve1 cvelist1 debiancve1 prion1 cve1 nessus8 openvas7 debian1 gentoo1