CVE-2009-3938
EPSS 3.4%
Description
Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file.
How to fix CVE-2009-3938
To remediate CVE-2009-3938, upgrade the affected package to one of the fixed versions listed below.
- Debian/poppler—upgrade to 0.12.2-2.1 or later
Is CVE-2009-3938 being exploited?
Low — EPSS is 3.4%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.12.2-2.1