New Search

The CairoFont::create function in CairoFontEngine.cc in Poppler possibly before 0.8.0 as used in Xpdf Evince ePDFview KWord and other applications does not properly handle embedded fonts in PDF files which allows remote attackers to execute arbitrary code via a crafted font object related to dereferencing a function pointer associated with the type of this font object.

oval:org.mitre.oval:def:11226

The CairoFont::create function in CairoFontEngine.cc in Poppler possibly before 0.8.0 as used in Xpdf Evince ePDFview KWord and other applications does not properly handle embedded fonts in PDF files which allows remote attackers to execute arbitrary code via a crafted font object related to dereferencing a function pointer associated with the type of this font object.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 4
  • Red Hat Enterprise Linux 5
  • Oracle Linux 5
  • Red Hat Enterprise Linux 4
  • CentOS Linux 4
  • CentOS Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2008-1693
Product(s):