« Sun Alert 266908... | Main | Sun Alert 265908 A... »
13 Oct 2009 Sun Alert 269008 Multiple Security Vulnerabilities in the JBIG2 Decoder in the OpenSolaris GNOME PDF Viewer may Lead to Execution of Arbitrary Code
posted by chandan in Alerts
Product: OpenSolaris

Multiple security vulnerabilities in the JBIG2 decoding feature in the Poppler PDF Rendering Library (libpoppler) may allow a local or remote unprivileged user to cause the OpenSolaris GNOME PDF Viewer (Evince) to crash and potentially execute arbitrary code with the privileges of the user running the application, when the user has loaded a specially crafted PDF file.

These issues are also referenced in the following documents:

CVE-2009-0165 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165
CVE-2009-0146 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
CVE-2009-0147 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
CVE-2009-0166 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
CVE-2009-1187 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187
CVE-2009-1188 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188

Sun acknowledges with thanks, Braden Thomas and Drew Yao of Apple Product Security for bringing the issues described in CVE-2009-0165, CVE-2009-0146, CVE-2009-0147 and CVE-2009-0166 to our attention.

State: Resolved
First released: 13-Oct-2009
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-269008-1
Permalink |
Comments:

Post a Comment:

Comments are closed for this entry.

« Sun Alert 266908... | Main | Sun Alert 265908 A... »

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« November 2009
SunMonTueWedThuFriSat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
     
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2008 Sun Microsystems, Inc.