← Back

CVE-2008-1693

nvd nist
Published: Apr 18, 2008Modified: Apr 23, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.

Affected (29)

Products: Poppler: Poppler
Poppler
1 product
Poppler
Configuration A
29 vulnerable
Vulnerable SoftwareAffected Versions
Poppler
Poppler
Up to 0.7.3
Poppler
Version 0.1.1
Poppler
Version 0.1.2
Poppler
Version 0.1
Poppler
Version 0.2.0
Poppler
Version 0.3.0
Poppler
Version 0.3.1
Poppler
Version 0.3.2
Poppler
Version 0.3.3
Poppler
Version 0.4.0
Poppler
Version 0.4.1
Poppler
Version 0.4.2
Poppler
Version 0.4.3
Poppler
Version 0.4.4
Poppler
Version 0.5.0
Poppler
Version 0.5.1
Poppler
Version 0.5.2
Poppler
Version 0.5.3
Poppler
Version 0.5.4
Poppler
Version 0.5.91
Poppler
Version 0.5.9
Poppler
Version 0.6.0
Poppler
Version 0.6.1
Poppler
Version 0.6.2
Poppler
Version 0.6.3
Poppler
Version 0.6.4
Poppler
Version 0.7.0
Poppler
Version 0.7.1
Poppler
Version 0.7.2

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (68)

Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Patch
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: security@ubuntu.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.