CVE-2008-2950 in Popplerinfo

Summary

The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

06/30/2008

Disclosure

07/07/2008

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-94 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.12333

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-2950
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-2950
CVE Details	https://www.cvedetails.com/cve/CVE-2008-2950/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!