Short Name | HTTP:STC:ADOBE:PDF-DRAWIMG
Severity | Major
Recommended | No
Recommended Action | Drop
Category | HTTP
Keywords | Xpdf Splash DrawImage Integer Overflow
Release Date | 2010/10/14
Update Number | 1792
Supported Platforms | idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
HTTP: Xpdf Splash DrawImage Integer Overflow
An integer overflow vulnerability exists in Xpdf. The vulnerability is due to a lack of input validation when handling images within PDF documents. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted PDF file with the affected application. Successful exploitation would allow arbitrary code injection and execution with the privileges of the currently logged-in user. In that case, the behaviour of the target depends on the intent of the malicious code. If code execution is not successful, the application could terminate abnormally.
Extended Description
Xpdf is prone to multiple integer-overflow vulnerabilities.
Exploiting these issues may allow remote attackers to execute arbitrary code in the context of an affected application or cause denial-of-service conditions.
Affected Products
- Adobe acrobat_reader_(for_linux) 9.1.1
- Avaya interactive_response 3.0
- Avaya interactive_response 4.0
- Avaya intuity_audix_lx 2.0
- Avaya intuity_audix_lx 2.0 SP1
- Avaya intuity_audix_lx 2.0 SP2
- Avaya message_networking 3.1
- Avaya message_networking 5.2
- Avaya message_networking 5.2.1
- Avaya messaging_storage_server 4.0
- Avaya messaging_storage_server 5.0
- Avaya messaging_storage_server 5.1
- Avaya messaging_storage_server 5.2
- Avaya messaging_storage_server 5.2 SP1
- Avaya proactive_contact 4.0
- Avaya proactive_contact 4.1
- Avaya proactive_contact 4.1.1
- Avaya proactive_contact 4.1.2
- Avaya proactive_contact 4.2
- Debian linux 5.0
- Debian linux 5.0 Alpha
- Debian linux 5.0 Amd64
- Debian linux 5.0 Arm
- Debian linux 5.0 Armel
- Debian linux 5.0 Hppa
- Debian linux 5.0 Ia-32
- Debian linux 5.0 Ia-64
- Debian linux 5.0 M68k
- Debian linux 5.0 Mips
- Debian linux 5.0 Mipsel
- Debian linux 5.0 Powerpc
- Debian linux 5.0 S/390
- Debian linux 5.0 Sparc
- Kde kde 3.0.0
- Kde kde 3.0.1
- Kde kde 3.0.2
- Kde kde 3.0.3
- Kde kde 3.0.3 A
- Kde kde 3.0.4
- Kde kde 3.0.5
- Kde kde 3.0.5 A
- Kde kde 3.0.5 B
- Kde kde 3.1.0
- Kde kde 3.1.1
- Kde kde 3.1.1 A
- Kde kde 3.1.2
- Kde kde 3.1.3
- Kde kde 3.1.4
- Kde kde 3.1.5
- Kde kde 3.2.0
- Kde kde 3.2.1
- Kde kde 3.2.2
- Kde kde 3.2.3
- Kde kde 3.3.0
- Kde kde 3.3.1
- Kde kde 3.3.2
- Kde kde 3.4.0
- Kde kde 3.4.1
- Kde kde 3.4.2
- Kde kde 3.4.3
- Kde kde 3.5.0
- Kde kde 3.5.1
- Kde kde 3.5.2
- Kde kde 3.5.3
- Kde kde 3.5.4
- Kde kde 3.5.5
- Kde kde 3.5.6
- Kde kde 3.5.7
- Kde kde 3.5.8
- Kde kde 3.5.9
- Mandriva corporate_server 3.0.0
- Mandriva corporate_server 3.0.0 X86 64
- Mandriva corporate_server 4.0
- Mandriva corporate_server 4.0.0 X86 64
- Mandriva enterprise_server 5
- Mandriva enterprise_server 5 X86 64
- Mandriva linux_mandrake 2008.0
- Mandriva linux_mandrake 2008.0 X86 64
- Mandriva linux_mandrake 2009.0
- Mandriva linux_mandrake 2009.0 X86 64
- Mandriva linux_mandrake 2009.1
- Mandriva linux_mandrake 2009.1 X86 64
- Mandriva linux_mandrake 2010.0
- Mandriva linux_mandrake 2010.0 X86 64
- Mandriva multi_network_firewall 2.0.0
- Openoffice sun_pdf_import_extension 1.0
- Pardus linux_2009
- Pdfedit pdfedit 0.3.1
- Pdfedit pdfedit 0.3.2
- Pdfedit pdfedit 0.4.2
- Pdfedit pdfedit 0.4.3
- Poppler poppler 0.10.3
- Poppler poppler 0.10.4
- Poppler poppler 0.10.6
- Poppler poppler 0.3.2
- Poppler poppler 0.4.1
- Poppler poppler 0.4.2
- Poppler poppler 0.4.5
- Poppler poppler 0.5.1
- Poppler poppler 0.5.3
- Poppler poppler 0.5.4
- Poppler poppler 0.8.0
- Poppler poppler 0.8.4
- Red_hat desktop 3.0.0
- Red_hat desktop 4.0.0
- Red_hat enterprise_linux 5 Server
- Red_hat enterprise_linux Desktop Version 4
- Red_hat enterprise_linux_as 3
- Red_hat enterprise_linux_as 4
- Red_hat enterprise_linux_desktop 5 Client
- Red_hat enterprise_linux_desktop_workstation 5 Client
- Red_hat enterprise_linux_es 3
- Red_hat enterprise_linux_es 4
- Red_hat enterprise_linux_optional_productivity_application 5 Server
- Red_hat enterprise_linux_ws 3
- Red_hat enterprise_linux_ws 4
- Red_hat fedora 10
- Red_hat fedora 11
- Red_hat fedora 12
- Red_hat fedora 13
- Slackware linux 10.0.0
- Slackware linux 10.1.0
- Slackware linux 10.2.0
- Slackware linux 11.0
- Slackware linux 12.0
- Slackware linux 12.1
- Slackware linux 12.2
- Slackware linux 13.0
- Slackware linux 13.0 X86 64
- Slackware linux 9.1.0
- Slackware linux -Current
- Slackware linux X86 64 -Current
- Sun opensolaris Build Snv 01
- Sun opensolaris Build Snv 02
- Sun opensolaris Build Snv 100
- Sun opensolaris Build Snv 101
- Sun opensolaris Build Snv 101A
- Sun opensolaris Build Snv 102
- Sun opensolaris Build Snv 103
- Sun opensolaris Build Snv 104
- Sun opensolaris Build Snv 105
- Sun opensolaris Build Snv 106
- Sun opensolaris Build Snv 107
- Sun opensolaris Build Snv 108
- Sun opensolaris Build Snv 109
- Sun opensolaris Build Snv 110
- Sun opensolaris Build Snv 111
- Sun opensolaris Build Snv 111A
- Sun opensolaris Build Snv 112
- Sun opensolaris Build Snv 113
- Sun opensolaris Build Snv 114
- Sun opensolaris Build Snv 115
- Sun opensolaris Build Snv 116
- Sun opensolaris Build Snv 117
- Sun opensolaris Build Snv 118
- Sun opensolaris Build Snv 119
- Sun opensolaris Build Snv 120
- Sun opensolaris Build Snv 121
- Sun opensolaris Build Snv 122
- Sun opensolaris Build Snv 123
- Sun opensolaris Build Snv 124
- Sun opensolaris Build Snv 125
- Sun opensolaris Build Snv 126
- Sun opensolaris Build Snv 127
- Sun opensolaris Build Snv 128
- Sun opensolaris Build Snv 129
- Sun opensolaris Build Snv 13
- Sun opensolaris Build Snv 19
- Sun opensolaris Build Snv 22
- Sun opensolaris Build Snv 28
- Sun opensolaris Build Snv 29
- Sun opensolaris Build Snv 36
- Sun opensolaris Build Snv 37
- Sun opensolaris Build Snv 38
- Sun opensolaris Build Snv 39
- Sun opensolaris Build Snv 41
- Sun opensolaris Build Snv 45
- Sun opensolaris Build Snv 47
- Sun opensolaris Build Snv 48
- Sun opensolaris Build Snv 49
- Sun opensolaris Build Snv 50
- Sun opensolaris Build Snv 51
- Sun opensolaris Build Snv 54
- Sun opensolaris Build Snv 57
- Sun opensolaris Build Snv 58
- Sun opensolaris Build Snv 59
- Sun opensolaris Build Snv 61
- Sun opensolaris Build Snv 64
- Sun opensolaris Build Snv 67
- Sun opensolaris Build Snv 68
- Sun opensolaris Build Snv 76
- Sun opensolaris Build Snv 77
- Sun opensolaris Build Snv 78
- Sun opensolaris Build Snv 80
- Sun opensolaris Build Snv 81
- Sun opensolaris Build Snv 82
- Sun opensolaris Build Snv 83
- Sun opensolaris Build Snv 84
- Sun opensolaris Build Snv 85
- Sun opensolaris Build Snv 86
- Sun opensolaris Build Snv 87
- Sun opensolaris Build Snv 88
- Sun opensolaris Build Snv 89
- Sun opensolaris Build Snv 90
- Sun opensolaris Build Snv 91
- Sun opensolaris Build Snv 92
- Sun opensolaris Build Snv 93
- Sun opensolaris Build Snv 94
- Sun opensolaris Build Snv 95
- Sun opensolaris Build Snv 96
- Sun opensolaris Build Snv 98
- Sun opensolaris Build Snv 99
- Sun solaris 10 Sparc
- Sun solaris 10 X86
- Suse linux 10.0
- Suse linux 11
- Suse linux 9
- Suse opensuse 10.3
- Suse opensuse 11.0
- Suse opensuse 11.1
- Suse opensuse 11.2
- Suse suse_linux_enterprise 10
- Suse suse_linux_enterprise_desktop 10
- Suse suse_linux_enterprise_desktop 10 SP1
- Suse suse_linux_enterprise_desktop 10 SP2
- Suse suse_linux_enterprise_desktop 10 SP3
- Suse suse_linux_enterprise_desktop 11
- Suse suse_linux_enterprise_server 10
- Suse suse_linux_enterprise_server 10 SP1
- Suse suse_linux_enterprise_server 10 SP2
- Suse suse_linux_enterprise_server 10 SP3
- Suse suse_linux_enterprise_server 11
- Ubuntu ubuntu_linux 6.06 LTS Amd64
- Ubuntu ubuntu_linux 6.06 LTS I386
- Ubuntu ubuntu_linux 6.06 LTS Powerpc
- Ubuntu ubuntu_linux 6.06 LTS Sparc
- Ubuntu ubuntu_linux 8.04 LTS Amd64
- Ubuntu ubuntu_linux 8.04 LTS I386
- Ubuntu ubuntu_linux 8.04 LTS Lpia
- Ubuntu ubuntu_linux 8.04 LTS Powerpc
- Ubuntu ubuntu_linux 8.04 LTS Sparc
- Ubuntu ubuntu_linux 8.10 Amd64
- Ubuntu ubuntu_linux 8.10 I386
- Ubuntu ubuntu_linux 8.10 Lpia
- Ubuntu ubuntu_linux 8.10 Powerpc
- Ubuntu ubuntu_linux 8.10 Sparc
- Ubuntu ubuntu_linux 9.04 Amd64
- Ubuntu ubuntu_linux 9.04 I386
- Ubuntu ubuntu_linux 9.04 Lpia
- Ubuntu ubuntu_linux 9.04 Powerpc
- Ubuntu ubuntu_linux 9.04 Sparc
- Ubuntu ubuntu_linux 9.10 Amd64
- Ubuntu ubuntu_linux 9.10 I386
- Ubuntu ubuntu_linux 9.10 Lpia
- Ubuntu ubuntu_linux 9.10 Powerpc
- Ubuntu ubuntu_linux 9.10 Sparc
- Xpdf xpdf 3.0.0 0
- Xpdf xpdf 3.0.0 1
- Xpdf xpdf 3.0.0 1Pl1
- Xpdf xpdf 3.0.0 Pl2
- Xpdf xpdf 3.0.0 Pl3
- Xpdf xpdf 3.01
- Xpdf xpdf 3.0.1 (Patch 2)
- Xpdf xpdf 3.02
- Xpdf xpdf 3.02Pl1
- Xpdf xpdf 3.02Pl2
- Xpdf xpdf 3.02Pl3