oss-sec mailing list archives
Re: CVE request: xpdf
From: Michael Gilbert <michael.s.gilbert () gmail com>
Date: Wed, 2 Feb 2011 03:23:32 +0000
On Thu, Jan 20, 2011 at 11:15 PM, Dan Rosenberg wrote:
2. Malformed commands may cause corruption of the internal stack used to maintain graphics contexts, leading to potentially exploitable memory corruption. Fixed in poppler commit at [2], hopefully fixed soon at xpdf upstream.
Correct me if I'm wrong, but it looks like all versions of xpdf and poppler <= 0.12.x should not be affected by this issue (since graphics states are not tracked via stackheight in those versions). Also, according to redhat, poppler in rhel5 does not crash when tested with your poc. Would you be willing to share so we can test that? Best wishes, Mike
Current thread:
- CVE request: xpdf Dan Rosenberg (Jan 20)
- Re: CVE request: xpdf Josh Bressers (Jan 24)
- Re: CVE request: xpdf Michael Gilbert (Feb 01)
- Re: CVE request: xpdf Thomas Biege (Feb 08)
- Re: CVE request: xpdf Tomas Hoger (Feb 08)
- Re: CVE request: xpdf Thomas Biege (Feb 08)