|
|
Log in / Subscribe / Register

htmldoc: buffer overflow

Package(s):htmldoc CVE #(s):CVE-2009-3050
Created:September 11, 2009 Updated:January 12, 2010
Description: From the Mandriva advisory: Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege boundaries.
Alerts:
SuSE SUSE-SR:2009:020 apache2-mod_jk, cacti, cups, expat, finch/pidgin, htmldoc, kdelibs3/kdelibs4, libpoppler/poppler, lighttpd, opera, perl-HTML-Parser, pyxml, seamonkey, wireshark/ethereal, xntp, zope/zope3 2010-01-12
Mandriva MDVSA-2009:231-1 htmldoc 2009-12-07
Gentoo 200909-12 htmldoc 2009-09-12
Mandriva MDVSA-2009:231 htmldoc 2009-09-11
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds