CVE-2009-4035 — Vulnetix

Try Vulnetix Request Demo

CVE-2009-4035 PUBLISHED CVSS 9.300000190734863 CRITICAL

The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow.

EPSS 2.45% · 85.1th percentile

Risk Scores

CVSS v2.0

9.300000190734863

EPSS Score

2.45%

85.1th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
gnome	gpdf	2.8.2
xpdf	xpdf	3.0.0
kde	kdegraphics	3.3.1
kde	kpdf	3.3.1

Timeline

Dec 21, 2009 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

1023356 vdb
RHSA-2009:1680 vendor-advisory
37350 vdb
http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a url
37787 third-party-advisory
37793 third-party-advisory
xpdf-fofitype1parse-bo(54831) vdb
37781 third-party-advisory
RHSA-2009:1682 vendor-advisory
oval:org.mitre.oval:def:10996 vdb
SUSE-SR:2010:003 vendor-advisory
http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0 url
RHSA-2009:1681 vendor-advisory
37641 third-party-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=541614 url
ADV-2009-3555 vdb
https://nvd.nist.gov/vuln/detail/CVE-2009-4035 advisory

Open in Interactive Console →