CVE-2008-1693

NameCVE-2008-1693
DescriptionThe CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1548-1, DSA-1606-1
NVD severitymedium
Debian Bugs476842

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
poppler (PTS)stretch0.48.0-2+deb9u2fixed
stretch (security)0.48.0-2+deb9u4fixed
buster0.71.0-5fixed
bullseye, sid20.09.0-3.1fixed
swftools (PTS)stretch0.9.2+git20130725-4.1fixed
texlive-base (PTS)stretch2016.20170123-5fixed
buster2018.20190227-2fixed
bullseye, sid2020.20210202-3fixed
texlive-bin (PTS)stretch (security), stretch2016.20160513.41080.dfsg-2+deb9u1fixed
buster2018.20181218.49446-1fixed
bullseye, sid2020.20200327.54578-7fixed
xpdf (PTS)stretch3.04-4fixed
buster3.04-13fixed
bullseye, sid3.04+git20210103-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kdegraphicssource(unstable)(not affected)
popplersourceetch0.4.5-5.1etch3DSA-1606-1
popplersource(unstable)0.6.4-1476842
swftoolssource(unstable)(not affected)
texlive-basesource(unstable)(not affected)
texlive-binsource(unstable)(not affected)
xpdfsourceetch3.01-9.1+etch3DSA-1548-1
xpdfsource(unstable)3.02

Notes

- kdegraphics <not-affected> (Vulnerable code not present)
- texlive-bin <not-affected> (code already has the needed fix)
see GfxFont.cc GfxFont::readEmbFontFile, line 362 checks if the font file is
a stream or not. Anyone knows a fixed version?
- texlive-base <not-affected> (Vulnerable code not present)
- swftools <not-affected> (Vulnerable file/code not present)

Search for package or bug name: Reporting problems