CVE-2008-1693

NameCVE-2008-1693
DescriptionThe CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.
SourceCVE (at NVD; LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1548-1, DSA-1606-1
NVD severitymedium (attack range: remote)
Debian Bugs476842

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
poppler (PTS)wheezy0.18.4-6fixed
wheezy (security)0.18.4-6+deb7u1fixed
jessie0.26.5-2fixed
stretch, sid0.38.0-3fixed
swftools (PTS)wheezy0.9.2+ds1-3fixed
jessie0.9.2+git20130725-2fixed
stretch, sid0.9.2+git20130725-4fixed
texlive-base (PTS)wheezy2012.20120611-5fixed
jessie2014.20141024-2fixed
stretch, sid2015.20160320-1fixed
texlive-bin (PTS)wheezy2012.20120628-4fixed
jessie2014.20140926.35254-6fixed
stretch, sid2015.20160222.37495-1fixed
xpdf (PTS)wheezy3.03-10fixed
jessie3.03-17fixed
stretch, sid3.04-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kdegraphicssource(unstable)(not affected)
popplersource(unstable)0.6.4-1medium476842
popplersourceetch0.4.5-5.1etch3mediumDSA-1606-1
swftoolssource(unstable)(not affected)
texlive-basesource(unstable)(not affected)
texlive-binsource(unstable)(not affected)
xpdfsource(unstable)3.02medium
xpdfsourceetch3.01-9.1+etch3mediumDSA-1548-1

Notes

- kdegraphics <not-affected> (Vulnerable code not present)
- texlive-bin <not-affected> (code already has the needed fix)
see GfxFont.cc GfxFont::readEmbFontFile, line 362 checks if the font file is
a stream or not. Anyone knows a fixed version?
- texlive-base <not-affected> (Vulnerable code not present)
- swftools <not-affected> (Vulnerable file/code not present)

Search for package or bug name: Reporting problems