Poppler CVE-2013-1788 Multiple Memory Corruption Vulnerabilities

Poppler is prone to multiple memory-corruption when handling malformed PDF files.

Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the user, which may trigger an 'invalid memory access' error. Failed exploits may result in denial-of-service conditions.

Note: These issues were previously discussed in BID 58198 (Poppler Multiple Denial of Service and Memory Corruption Vulnerabilities), but have been moved to their own record to better document them.

Poppler versions prior to 0.22.1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus