CVE-2008-1693

Published Apr 18, 2008

Last updated 7 years ago

CVSS info 6.8

Overview

Description: The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.
Source: security@ubuntu.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "310194C7-8370-4EB6-B4CF-C8EE2A8E55DF",
            "versionEndIncluding": "0.7.3"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66"
          },
          {
            "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References