CVE-2008-2950

Current Description

The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.

Basic Data

PublishedJuly 07, 2008
Last ModifiedOctober 11, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-94
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegetrue

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationPopplerPoppler********0.8.4

Vulnerable Software List

VendorProductVersions
Poppler Poppler *

References

NameSourceURLTags
SUSE-SR:2008:015http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.htmlSUSE
30963http://secunia.com/advisories/30963SECUNIA
31002http://secunia.com/advisories/31002SECUNIA
31167http://secunia.com/advisories/31167SECUNIA
31267http://secunia.com/advisories/31267SECUNIA
31405http://secunia.com/advisories/31405SECUNIA
GLSA-200807-04http://security.gentoo.org/glsa/glsa-200807-04.xmlGENTOO
3977http://securityreason.com/securityalert/3977SREASON
http://wiki.rpath.com/Advisories:rPSA-2008-0223http://wiki.rpath.com/Advisories:rPSA-2008-0223CONFIRM
MDVSA-2008:146http://www.mandriva.com/security/advisories?name=MDVSA-2008:146MANDRIVA
http://www.ocert.org/advisories/ocert-2008-007.htmlhttp://www.ocert.org/advisories/ocert-2008-007.htmlMISC
20080707 [oCERT-2008-007] libpoppler uninitialized pointerhttp://www.securityfocus.com/archive/1/493980/100/0/threadedBUGTRAQ
20080709 rPSA-2008-0223-1 popplerhttp://www.securityfocus.com/archive/1/494142/100/0/threadedBUGTRAQ
30107http://www.securityfocus.com/bid/30107BID
1020435http://www.securitytracker.com/id?1020435SECTRACK
USN-631-1http://www.ubuntu.com/usn/usn-631-1UBUNTU
ADV-2008-2024http://www.vupen.com/english/advisories/2008/2024/referencesVUPEN
poppler-page-destructor-code-execution(43619)https://exchange.xforce.ibmcloud.com/vulnerabilities/43619XF
6032https://www.exploit-db.com/exploits/6032EXPLOIT-DB
FEDORA-2008-7104https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.htmlFEDORA