CVE-2008-2950

CVE-2008-2950 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.

Learn more about our Web Application Penetration Testing UK.