MDVSA-2009:068-1 -- Mandriva popplerID: oval:org.secpod.oval:def:300913 | Date: (C)2012-01-07 (M)2023-11-09 |
Class: PATCH | Family: unix |
A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bug is consequence of a wrong processing on FormWidgetChoice::loadDefaults method . A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bug is consequence of an invalid memory dereference on JBIG2SymbolDict::~JBIG2SymbolDict destructor when JBIG2Stream::readSymbolDictSeg method is used . This update provides fixes for those vulnerabilities. This update does not apply for CVE-2009-0755 under Corporate Server 4.0 libpoppler0-0.4.1-3.7.20060mlcs4. Update: The previous packages were not signed, this new update fixes that issue.
Platform: |
Mandriva Linux 2009.0 |
Mandriva Linux 2008.1 |
Mandriva Linux 2008.0 |