NuytsTech Security

CVE-2008-2950

by ·

The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.

Date published : 2008-07-07

http://www.securityfocus.com/bid/30107

http://www.securityfocus.com/archive/1/493980/100/0/threaded

Tags: