Poppler: User-assisted execution of arbitrary code
Gentoo Linux Security Advisory
||GLSA 200804-18 / poppler
||April 17, 2008
||April 17, 2008: 02
All supported architectures
Poppler does not handle fonts inside PDF files safely, allowing for
execution of arbitrary code.
Poppler is a cross-platform PDF rendering library originally based on
Kees Cook from the Ubuntu Security Team reported that the
CairoFont::create() function in the file CairoFontEngine.cc does not
verify the type of an embedded font object inside a PDF file before
dereferencing a function pointer from it.
A remote attacker could entice a user to open a specially crafted PDF
file with a Poppler-based PDF viewer such as Gentoo's Xpdf, Epdfview,
or Evince, potentially resulting in the execution of arbitrary code
with the privileges of the user running the application.
There is no known workaround at this time.
All Poppler users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/poppler-0.6.3"