CVE-2009-4035 | Date: (C)2009-12-21 (M)2023-12-22 |
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow.
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 9.3 |
Exploit Score: 8.6 |
Impact Score: 10.0 |
|
CVSS V2 Metrics: |
Access Vector: NETWORK |
Access Complexity: MEDIUM |
Authentication: NONE |
Confidentiality: COMPLETE |
Integrity: COMPLETE |
Availability: COMPLETE |
| |