CVE-2009-0755

EUVD-2009-0755
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
popplerpoppler
𝑥
≤ 0.10.3
popplerpoppler
0.1
popplerpoppler
0.1.1
popplerpoppler
0.1.2
popplerpoppler
0.2.0
popplerpoppler
0.3.0
popplerpoppler
0.3.1
popplerpoppler
0.3.2
popplerpoppler
0.3.3
popplerpoppler
0.4.0
popplerpoppler
0.4.1
popplerpoppler
0.4.2
popplerpoppler
0.4.3
popplerpoppler
0.4.4
popplerpoppler
0.5.0
popplerpoppler
0.5.1
popplerpoppler
0.5.2
popplerpoppler
0.5.3
popplerpoppler
0.5.4
popplerpoppler
0.5.9
popplerpoppler
0.5.90
popplerpoppler
0.5.91
popplerpoppler
0.6.0
popplerpoppler
0.6.1
popplerpoppler
0.6.2
popplerpoppler
0.6.3
popplerpoppler
0.6.4
popplerpoppler
0.7.0
popplerpoppler
0.7.1
popplerpoppler
0.7.2
popplerpoppler
0.7.3
popplerpoppler
0.8.4
popplerpoppler
0.10.1
popplerpoppler
0.10.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
poppler
bookworm
22.12.0-2
fixed
bullseye
20.09.0-3.1+deb11u1
fixed
bullseye (security)
20.09.0-3.1+deb11u1
fixed
etch
not-affected
lenny
no-dsa
sid
24.08.0-3
fixed
trixie
24.08.0-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
poppler
dapper
not-affected
gutsy
ignored
hardy
Fixed 0.6.4-1ubuntu3.3
released
intrepid
Fixed 0.8.7-1ubuntu0.4
released
jaunty
not-affected
References
http://bugs.freedesktop.org/show_bug.cgi?id=19790
http://lists.freedesktop.org/archives/poppler/2009-January/004406.html
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://secunia.com/advisories/33853
http://secunia.com/advisories/35685
http://secunia.com/advisories/37114
http://wiki.rpath.com/Advisories:rPSA-2009-0059
http://www.debian.org/security/2009/dsa-1941
http://www.openwall.com/lists/oss-security/2009/02/13/1
http://www.openwall.com/lists/oss-security/2009/02/19/2
http://www.securityfocus.com/archive/1/502761/100/0/threaded
http://www.securityfocus.com/bid/33749
http://www.ubuntu.com/usn/USN-850-1
http://bugs.freedesktop.org/show_bug.cgi?id=19790
http://lists.freedesktop.org/archives/poppler/2009-January/004406.html
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://secunia.com/advisories/33853
http://secunia.com/advisories/35685
http://secunia.com/advisories/37114
http://wiki.rpath.com/Advisories:rPSA-2009-0059
http://www.debian.org/security/2009/dsa-1941
http://www.openwall.com/lists/oss-security/2009/02/13/1
http://www.openwall.com/lists/oss-security/2009/02/19/2
http://www.securityfocus.com/archive/1/502761/100/0/threaded
http://www.securityfocus.com/bid/33749
http://www.ubuntu.com/usn/USN-850-1