{"id":"CVE-2009-3938","details":"Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file.","modified":"2026-01-27T04:10:03.029417Z","published":"2009-11-13T16:30:00Z","withdrawn":"2026-01-27T04:10:03.029417Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/37333"},{"type":"ADVISORY","url":"http://www.debian.org/security/2009/dsa-1941"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2009/3227"},{"type":"EVIDENCE","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680"},{"type":"EVIDENCE","url":"http://bugs.freedesktop.org/show_bug.cgi?id=23074"},{"type":"FIX","url":"http://bugs.freedesktop.org/attachment.cgi?id=30599&action=edit"},{"type":"WEB","url":"http://www.securityfocus.com/bid/36976"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54215"}],"schema_version":"1.7.3"}