Update Protection against Xpdf Splash DrawImage Integer Overflow Vulnerability
| Check Point Reference: | CPAI-2009-299 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA37053 | |
| Industry Reference(s): | CVE-2009-3604 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Foo Labs Xpdf prior to 3.02pl4 | ||
| Vulnerability Description An integer overflow vulnerability has been reported in Xpdf. Xpdf is an open source PDF viewer for the Unix-like operating systems and works under the X Window graphical user interface system. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Successful exploitation of this issue may allow execution of arbitrary code on an affected system. |
||
|
Vulnerability Details The vulnerability is caused by an error in the Xpdf due to lack of input validation when handling images within PDF documents. A remote attacker could trigger this flaw via a specially crafted PDF file. Successful exploitation allows execution of arbitrary code once a malicious PDF file is loaded with the affected application. |
Protection Overview
This protection will detect and block attempts to transfer malformed PDF files over HTTP.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.