Description
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."
Affected products
- foolabs / xpdf0.5a – 0.5a
- foolabs / xpdf0.7a – 0.7a
- foolabs / xpdf0.91a – 0.91a
- foolabs / xpdf0.91b – 0.91b
- foolabs / xpdf0.91c – 0.91c
- foolabs / xpdf0.92a – 0.92a
- foolabs / xpdf0.92b – 0.92b
- foolabs / xpdf0.92c – 0.92c
- foolabs / xpdf0.92d – 0.92d
- foolabs / xpdf0.92e – 0.92e
- foolabs / xpdf0.93a – 0.93a
- foolabs / xpdf0.93b – 0.93b
- foolabs / xpdf0.93c – 0.93c
- foolabs / xpdf1.00a – 1.00a
- foolabs / xpdf3.0.1 – 3.0.1
- glyphandcog / xpdfreader3.02
- glyphandcog / xpdfreader0.2 – 0.2
- glyphandcog / xpdfreader0.3 – 0.3
- glyphandcog / xpdfreader0.4 – 0.4
- glyphandcog / xpdfreader0.5 – 0.5
- glyphandcog / xpdfreader0.6 – 0.6
- glyphandcog / xpdfreader0.7 – 0.7
- glyphandcog / xpdfreader0.80 – 0.80
- glyphandcog / xpdfreader0.90 – 0.90
- glyphandcog / xpdfreader0.91 – 0.91
- glyphandcog / xpdfreader0.92 – 0.92
- glyphandcog / xpdfreader0.93 – 0.93
- glyphandcog / xpdfreader1.00 – 1.00
- glyphandcog / xpdfreader1.01 – 1.01
- glyphandcog / xpdfreader2.00 – 2.00
- glyphandcog / xpdfreader2.01 – 2.01
- glyphandcog / xpdfreader2.02 – 2.02
- glyphandcog / xpdfreader2.03 – 2.03
- glyphandcog / xpdfreader3.00 – 3.00
- glyphandcog / xpdfreader3.01 – 3.01
References
- VENDOR_ADVISORYhttp://www.debian.org/security/2009/dsa-1793
- VENDOR_ADVISORYhttp://support.apple.com/kb/HT3639
- VENDOR_ADVISORYhttp://www.debian.org/security/2009/dsa-1790
- VENDOR_ADVISORYhttp://secunia.com/advisories/35037
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/1621
- VENDOR_ADVISORYhttp://support.apple.com/kb/HT3549
- MISChttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
- MISChttp://bugs.gentoo.org/show_bug.cgi?id=263028
- VENDOR_ADVISORYhttp://secunia.com/advisories/35074
- MAILING_LISThttp://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
- MAILING_LISThttp://lists.apple.com/archives/security-announce/2009/May/msg00002.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/35065
- MISChttp://www.securityfocus.com/bid/34568
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/34991
- VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
- MISChttp://www.us-cert.gov/cas/techalerts/TA09-133A.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/35685
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/1297
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/50377
- VENDOR_ADVISORYhttp://secunia.com/advisories/34852
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/34959
Updated 45m ago · 2 sources