Vulnerabilites related to poppler - poppler
Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.
References
secalert@redhat.comftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patchPatch
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
secalert@redhat.comhttp://poppler.freedesktop.org/Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37034Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37053Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37054Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37114
secalert@redhat.comhttp://secunia.com/advisories/37159
secalert@redhat.comhttp://secunia.com/advisories/39327
secalert@redhat.comhttp://secunia.com/advisories/39938
secalert@redhat.comhttp://securitytracker.com/id?1023029
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2028
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2050
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:287
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.securityfocus.com/bid/36703Exploit, Patch
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-1
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-3
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2924Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2925Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0802
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1220
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=526915
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/53793
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1504.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patchPatch
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37034Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37053Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37054Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37114
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37159
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39327
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39938
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023029
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2028
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2050
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:287
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/36703Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-3
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2924Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2925Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0802
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1220
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=526915
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/53793
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1504.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CA37E-F28E-47E6-B77B-4CB0A859F831",
              "versionEndIncluding": "0.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.  NOTE: some of these details are obtained from third party information.  NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n SplashBitmap::SplashBitmap en Xpdf v3.x anterior a v3.02pl4  y Poppler anteior a v0.12.1, podr\u00eda permitir  a atacantes remotos  la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado que provoca un  un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap). NOTA: algunos detalles han sido obtenidos a partir de informaci\u00f3n de terceros. Esta vulnerabilidad existe por un correcci\u00f3n incompleta de CVE-2009-1188."
    }
  ],
  "id": "CVE-2009-3603",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-10-21T17:30:00.280",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37034"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37053"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37054"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1023029"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/36703"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-3"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2924"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2925"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023029"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/36703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2925"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
secalert@redhat.comhttp://poppler.freedesktop.org/releases.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2009-0458.htmlPatch
secalert@redhat.comhttp://secunia.com/advisories/34291Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34481Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34746Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34755Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34756Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34852Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34959Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34963Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34991Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35037Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35064Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35065Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35618Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35685Vendor Advisory
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1790Patch
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1793Patch
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/196617US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0429.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0431.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0480.htmlPatch
secalert@redhat.comhttp://www.securityfocus.com/bid/34568Patch
secalert@redhat.comhttp://www.securitytracker.com/id?1022073
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1065Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1066Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1076Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1077Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040Vendor Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=495892
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/releases.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2009-0458.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34291Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34481Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34746Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34755Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34756Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34959Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34963Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34991Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35064Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35618Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1790Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1793Patch
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/196617US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0429.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0431.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0480.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022073
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1065Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1066Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1076Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=495892
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Impacted products
Vendor Product Version
foolabs xpdf 0.5a
foolabs xpdf 0.7a
foolabs xpdf 0.91a
foolabs xpdf 0.91b
foolabs xpdf 0.91c
foolabs xpdf 0.92a
foolabs xpdf 0.92b
foolabs xpdf 0.92c
foolabs xpdf 0.92d
foolabs xpdf 0.92e
foolabs xpdf 0.93a
foolabs xpdf 0.93b
foolabs xpdf 0.93c
foolabs xpdf 1.00a
glyphandcog xpdfreader *
glyphandcog xpdfreader 0.2
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 0.5
glyphandcog xpdfreader 0.6
glyphandcog xpdfreader 0.7
glyphandcog xpdfreader 0.80
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.91
glyphandcog xpdfreader 0.92
glyphandcog xpdfreader 0.93
glyphandcog xpdfreader 1.00
glyphandcog xpdfreader 1.01
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 2.01
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.03
glyphandcog xpdfreader 3.00
glyphandcog xpdfreader 3.01
poppler poppler *
poppler poppler 0.1
poppler poppler 0.1.1
poppler poppler 0.1.2
poppler poppler 0.2.0
poppler poppler 0.3.0
poppler poppler 0.3.1
poppler poppler 0.3.2
poppler poppler 0.3.3
poppler poppler 0.4.0
poppler poppler 0.4.1
poppler poppler 0.4.2
poppler poppler 0.4.3
poppler poppler 0.4.4
poppler poppler 0.5.0
poppler poppler 0.5.1
poppler poppler 0.5.2
poppler poppler 0.5.3
poppler poppler 0.5.4
poppler poppler 0.5.9
poppler poppler 0.5.90
poppler poppler 0.5.91
poppler poppler 0.6.0
poppler poppler 0.6.1
poppler poppler 0.6.2
poppler poppler 0.6.3
poppler poppler 0.6.4
poppler poppler 0.7.0
poppler poppler 0.7.1
poppler poppler 0.7.2
poppler poppler 0.7.3
poppler poppler 0.8.0
poppler poppler 0.8.1
poppler poppler 0.8.2
poppler poppler 0.8.3
poppler poppler 0.8.4
poppler poppler 0.8.5
poppler poppler 0.8.6
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
apple cups *
apple cups 1.1
apple cups 1.1.1
apple cups 1.1.2
apple cups 1.1.3
apple cups 1.1.4
apple cups 1.1.5
apple cups 1.1.5-1
apple cups 1.1.5-2
apple cups 1.1.6
apple cups 1.1.6-1
apple cups 1.1.6-2
apple cups 1.1.6-3
apple cups 1.1.7
apple cups 1.1.8
apple cups 1.1.9
apple cups 1.1.9-1
apple cups 1.1.10
apple cups 1.1.10-1
apple cups 1.1.11
apple cups 1.1.12
apple cups 1.1.13
apple cups 1.1.14
apple cups 1.1.15
apple cups 1.1.16
apple cups 1.1.17
apple cups 1.1.18
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.23
apple cups 1.1.23
apple cups 1.2.0
apple cups 1.2.1
apple cups 1.2.2
apple cups 1.2.3
apple cups 1.2.4
apple cups 1.2.5
apple cups 1.2.6
apple cups 1.2.7
apple cups 1.2.8
apple cups 1.2.9
apple cups 1.2.10
apple cups 1.2.11
apple cups 1.2.12
apple cups 1.3.0
apple cups 1.3.1
apple cups 1.3.2
apple cups 1.3.3
apple cups 1.3.4
apple cups 1.3.5
apple cups 1.3.6
apple cups 1.3.7
apple cups 1.3.8
apple cups 1.3.10
apple cups 1.3.11



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
              "versionEndIncluding": "3.02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
              "versionEndIncluding": "1.3.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data."
    },
    {
      "lang": "es",
      "value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado que desencadena una liberaci\u00f3n de datos no v\u00e1lidos."
    }
  ],
  "id": "CVE-2009-1180",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-04-23T17:30:01.767",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1022073"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.
References
secalert@redhat.comftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patchPatch
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
secalert@redhat.comhttp://secunia.com/advisories/37023Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37028Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37037Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37042Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37043Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37053Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37077Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37079Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37114
secalert@redhat.comhttp://secunia.com/advisories/37159
secalert@redhat.comhttp://secunia.com/advisories/39327
secalert@redhat.comhttp://secunia.com/advisories/39938
secalert@redhat.comhttp://securitytracker.com/id?1023029
secalert@redhat.comhttp://site.pi3.com.pl/adv/xpdf.txtExploit
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2028
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2050
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:287
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.securityfocus.com/bid/36703Exploit, Patch
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-1
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-3
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2924Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2928Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0802
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1220
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=526911Patch
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/53795
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1500.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1501.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1502.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1503.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1512.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patchPatch
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37023Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37028Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37042Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37043Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37053Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37079Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37114
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37159
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39327
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39938
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023029
af854a3a-2127-422b-91ae-364da2661108http://site.pi3.com.pl/adv/xpdf.txtExploit
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2028
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2050
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:287
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/36703Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-3
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2924Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2928Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0802
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1220
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=526911Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/53795
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1500.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1501.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1502.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1503.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1512.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
Impacted products
Vendor Product Version
gnome gpdf *
kde kpdf *
foolabs xpdf 3.02pl1
foolabs xpdf 3.02pl2
foolabs xpdf 3.02pl3
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 2.01
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.03
glyphandcog xpdfreader 3.00
glyphandcog xpdfreader 3.01
glyphandcog xpdfreader 3.02
poppler poppler 0.1
poppler poppler 0.1.1
poppler poppler 0.1.2
poppler poppler 0.2.0
poppler poppler 0.3.0
poppler poppler 0.3.1
poppler poppler 0.3.2
poppler poppler 0.3.3
poppler poppler 0.4.0
poppler poppler 0.4.1
poppler poppler 0.4.2
poppler poppler 0.4.3
poppler poppler 0.4.4
poppler poppler 0.5.0
poppler poppler 0.5.1
poppler poppler 0.5.2
poppler poppler 0.5.3
poppler poppler 0.5.4
poppler poppler 0.5.9
poppler poppler 0.5.90
poppler poppler 0.5.91
poppler poppler 0.6.0
poppler poppler 0.6.1
poppler poppler 0.6.2
poppler poppler 0.6.3
poppler poppler 0.6.4
poppler poppler 0.7.0
poppler poppler 0.7.1
poppler poppler 0.7.2
poppler poppler 0.7.3
poppler poppler 0.8.0
poppler poppler 0.8.1
poppler poppler 0.8.2
poppler poppler 0.8.3
poppler poppler 0.8.4
poppler poppler 0.8.5
poppler poppler 0.8.6
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
poppler poppler 0.10.5
poppler poppler 0.10.6
poppler poppler 0.10.7
poppler poppler 0.11.0
poppler poppler 0.11.1
poppler poppler 0.11.2
poppler poppler 0.11.3
poppler poppler 0.12.0



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4A9A98B-5E37-4938-9506-927E0C8FACB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41EF2714-DEC9-407F-9D1B-EF2A4D8B4DC3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n Splash.cc en Xpdf v3.02pl4  y Poppler v0.x, usado en n kdegraphics KPDF y GPdf, no asigna la memoria adecuadamente, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) y probablemente, la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado que provoca un deferencia a puntero nulo o un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap)."
    }
  ],
  "id": "CVE-2009-3604",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-10-21T17:30:00.313",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996\u0026id2=75c3466ba2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37023"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37028"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37042"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37043"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37053"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37079"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1023029"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://site.pi3.com.pl/adv/xpdf.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/36703"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-3"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2924"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2928"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996\u0026id2=75c3466ba2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023029"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://site.pi3.com.pl/adv/xpdf.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/36703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-07-07 23:41
Modified
2025-04-09 00:30
Severity ?
Summary
The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html
cve@mitre.orghttp://secunia.com/advisories/30963
cve@mitre.orghttp://secunia.com/advisories/31002
cve@mitre.orghttp://secunia.com/advisories/31167
cve@mitre.orghttp://secunia.com/advisories/31267
cve@mitre.orghttp://secunia.com/advisories/31405
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200807-04.xml
cve@mitre.orghttp://securityreason.com/securityalert/3977
cve@mitre.orghttp://wiki.rpath.com/Advisories:rPSA-2008-0223
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2008:146
cve@mitre.orghttp://www.ocert.org/advisories/ocert-2008-007.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/493980/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/494142/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/30107
cve@mitre.orghttp://www.securitytracker.com/id?1020435
cve@mitre.orghttp://www.ubuntu.com/usn/usn-631-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2024/references
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/43619
cve@mitre.orghttps://www.exploit-db.com/exploits/6032
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30963
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31002
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31167
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31267
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31405
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200807-04.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3977
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2008-0223
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:146
af854a3a-2127-422b-91ae-364da2661108http://www.ocert.org/advisories/ocert-2008-007.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/493980/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/494142/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30107
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020435
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-631-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2024/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/43619
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/6032
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html
Impacted products
Vendor Product Version
poppler poppler *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5739C603-4976-48C9-B28F-9E3FD9D3E2A9",
              "versionEndIncluding": "0.8.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document."
    },
    {
      "lang": "es",
      "value": "El destructor Page de Page.cc en libpoppler de Poppler 0.8.4 y anteriores, elimina el objeto pageWidgets incluso si \u00e9ste no ha sido iniciado por un constructor Page, esto permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un documento PDF manipulado."
    }
  ],
  "id": "CVE-2008-2950",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-07-07T23:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/30963"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31002"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31167"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31267"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31405"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3977"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ocert.org/advisories/ocert-2008-007.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/30107"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020435"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-631-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/2024/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/6032"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31267"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31405"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ocert.org/advisories/ocert-2008-007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020435"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-631-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2024/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/6032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of poppler as shipped with Red Hat Enterprise Linux 5, or other PDF parsing applications derived from the xpdf code as shipped in Red Hat Enterprise Linux 2.1, 3, 4, or 5.",
      "lastModified": "2008-07-08T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2009-0458.htmlPatch
cve@mitre.orghttp://secunia.com/advisories/34291Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/34481Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/34755Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/34756Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/34852Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/34959Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/34963Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/34991Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/35037Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/35064Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/35065Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/35618Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/35685Vendor Advisory
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200904-20.xml
cve@mitre.orghttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
cve@mitre.orghttp://wiki.rpath.com/Advisories:rPSA-2009-0061
cve@mitre.orghttp://www.debian.org/security/2009/dsa-1790Patch
cve@mitre.orghttp://www.debian.org/security/2009/dsa-1793Patch
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2009-0429.htmlPatch
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2009-0431.htmlPatch
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2009-0480.htmlPatch
cve@mitre.orghttp://www.securityfocus.com/archive/1/502750/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/34568Patch
cve@mitre.orghttp://www.securitytracker.com/id?1022073
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/1065Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/1066Patch, Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/1077Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/1040Vendor Advisory
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=490625
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2009-0458.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34291Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34481Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34755Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34756Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34959Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34963Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34991Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35064Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35618Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200904-20.xml
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2009-0061
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1790Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1793Patch
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0429.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0431.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0480.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/502750/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022073
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1066Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=490625
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Impacted products
Vendor Product Version
foolabs xpdf 0.5a
foolabs xpdf 0.7a
foolabs xpdf 0.91a
foolabs xpdf 0.91b
foolabs xpdf 0.91c
foolabs xpdf 0.92a
foolabs xpdf 0.92b
foolabs xpdf 0.92c
foolabs xpdf 0.92d
foolabs xpdf 0.92e
foolabs xpdf 0.93a
foolabs xpdf 0.93b
foolabs xpdf 0.93c
foolabs xpdf 1.00a
glyphandcog xpdfreader *
glyphandcog xpdfreader 0.2
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 0.5
glyphandcog xpdfreader 0.6
glyphandcog xpdfreader 0.7
glyphandcog xpdfreader 0.80
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.91
glyphandcog xpdfreader 0.92
glyphandcog xpdfreader 0.93
glyphandcog xpdfreader 1.00
glyphandcog xpdfreader 1.01
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 2.01
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.03
glyphandcog xpdfreader 3.00
glyphandcog xpdfreader 3.01
poppler poppler *
poppler poppler 0.1
poppler poppler 0.1.1
poppler poppler 0.1.2
poppler poppler 0.2.0
poppler poppler 0.3.0
poppler poppler 0.3.1
poppler poppler 0.3.2
poppler poppler 0.3.3
poppler poppler 0.4.0
poppler poppler 0.4.1
poppler poppler 0.4.2
poppler poppler 0.4.3
poppler poppler 0.4.4
poppler poppler 0.5.0
poppler poppler 0.5.1
poppler poppler 0.5.2
poppler poppler 0.5.3
poppler poppler 0.5.4
poppler poppler 0.5.9
poppler poppler 0.5.90
poppler poppler 0.5.91
poppler poppler 0.6.0
poppler poppler 0.6.1
poppler poppler 0.6.2
poppler poppler 0.6.3
poppler poppler 0.6.4
poppler poppler 0.7.0
poppler poppler 0.7.1
poppler poppler 0.7.2
poppler poppler 0.7.3
poppler poppler 0.8.0
poppler poppler 0.8.1
poppler poppler 0.8.2
poppler poppler 0.8.3
poppler poppler 0.8.4
poppler poppler 0.8.5
poppler poppler 0.8.6
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
apple cups *
apple cups 1.1
apple cups 1.1.1
apple cups 1.1.2
apple cups 1.1.3
apple cups 1.1.4
apple cups 1.1.5
apple cups 1.1.5-1
apple cups 1.1.5-2
apple cups 1.1.6
apple cups 1.1.6-1
apple cups 1.1.6-2
apple cups 1.1.6-3
apple cups 1.1.7
apple cups 1.1.8
apple cups 1.1.9
apple cups 1.1.9-1
apple cups 1.1.10
apple cups 1.1.10-1
apple cups 1.1.11
apple cups 1.1.12
apple cups 1.1.13
apple cups 1.1.14
apple cups 1.1.15
apple cups 1.1.16
apple cups 1.1.17
apple cups 1.1.18
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.23
apple cups 1.1.23
apple cups 1.2.0
apple cups 1.2.1
apple cups 1.2.2
apple cups 1.2.3
apple cups 1.2.4
apple cups 1.2.5
apple cups 1.2.6
apple cups 1.2.7
apple cups 1.2.8
apple cups 1.2.9
apple cups 1.2.10
apple cups 1.2.11
apple cups 1.2.12
apple cups 1.3.0
apple cups 1.3.1
apple cups 1.3.2
apple cups 1.3.3
apple cups 1.3.4
apple cups 1.3.5
apple cups 1.3.6
apple cups 1.3.7
apple cups 1.3.8
apple cups 1.3.10
apple cups 1.3.11



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
              "versionEndIncluding": "3.02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
              "versionEndIncluding": "1.3.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory."
    },
    {
      "lang": "es",
      "value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, y otros productos permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado que desencadena una liberaci\u00f3n de memoria no inicializada."
    }
  ],
  "id": "CVE-2009-0166",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-04-23T17:30:01.610",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1022073"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-03-03 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.
References
cve@mitre.orghttp://bugs.freedesktop.org/show_bug.cgi?id=19790
cve@mitre.orghttp://lists.freedesktop.org/archives/poppler/2009-January/004406.htmlExploit
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
cve@mitre.orghttp://secunia.com/advisories/33853Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/35685
cve@mitre.orghttp://secunia.com/advisories/37114
cve@mitre.orghttp://wiki.rpath.com/Advisories:rPSA-2009-0059
cve@mitre.orghttp://www.debian.org/security/2009/dsa-1941
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2009/02/13/1
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2009/02/19/2
cve@mitre.orghttp://www.securityfocus.com/archive/1/502761/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/33749
cve@mitre.orghttp://www.ubuntu.com/usn/USN-850-1
af854a3a-2127-422b-91ae-364da2661108http://bugs.freedesktop.org/show_bug.cgi?id=19790
af854a3a-2127-422b-91ae-364da2661108http://lists.freedesktop.org/archives/poppler/2009-January/004406.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33853Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37114
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2009-0059
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1941
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/02/13/1
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/02/19/2
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/502761/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/33749
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94A745A-9BB3-4EE9-AC87-CACA64FB5C81",
              "versionEndIncluding": "0.10.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry."
    },
    {
      "lang": "es",
      "value": "La funcion FormWidgetChoice::loadDefaults en Poppler anteriores v0.10.4 permite a atacantes remotos producir una denegacion de servicio (caida) a traves de un fichero PDF con una entrada \"Form Opt\" incorrecta."
    }
  ],
  "id": "CVE-2009-0755",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-03-03T16:30:05.250",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33853"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2009/dsa-1941"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/33749"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33853"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable.  This issue did not affect the versions of poppler, xpdf, gpdf and kdegraphics as shipped with Red Hat Enterprise Linux 3, 4, or 5.",
      "lastModified": "2009-07-15T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
References
secalert@redhat.comftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patchPatch
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
secalert@redhat.comhttp://secunia.com/advisories/37023Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37037Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37042Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37043Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37053Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37077Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37159
secalert@redhat.comhttp://secunia.com/advisories/39327
secalert@redhat.comhttp://secunia.com/advisories/39938
secalert@redhat.comhttp://securitytracker.com/id?1023029Patch
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1941
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2028
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2050
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:287
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2009/12/01/1
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2009/12/01/5
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2009/12/01/6
secalert@redhat.comhttp://www.securityfocus.com/bid/36703Exploit, Patch
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2924Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2928Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0802
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1220
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=526877
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/53798
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1500.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1501.htmlVendor Advisory
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1502.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patchPatch
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37023Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37042Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37043Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37053Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37159
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39327
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39938
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023029Patch
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1941
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2028
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2050
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:287
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/12/01/1
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/12/01/5
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/12/01/6
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/36703Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2924Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2928Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0802
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1220
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=526877
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/53798
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1500.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1501.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1502.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41EF2714-DEC9-407F-9D1B-EF2A4D8B4DC3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n PSOutputDev::doImageL1Sep en Xpdf v3.02pl4  y Poppler v0.x, usado en n kdegraphics KPDF, podr\u00eda permitir a atacantes remotos la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap)."
    }
  ],
  "id": "CVE-2009-3606",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-10-21T17:30:00.343",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37023"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37042"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37043"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37053"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37077"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1023029"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1941"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/36703"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2924"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2928"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1023029"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/36703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-04-18 15:05
Modified
2025-04-09 00:30
Severity ?
Summary
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.
References
security@ubuntu.comhttp://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
security@ubuntu.comhttp://secunia.com/advisories/29816
security@ubuntu.comhttp://secunia.com/advisories/29834
security@ubuntu.comhttp://secunia.com/advisories/29836
security@ubuntu.comhttp://secunia.com/advisories/29851
security@ubuntu.comhttp://secunia.com/advisories/29853
security@ubuntu.comhttp://secunia.com/advisories/29868
security@ubuntu.comhttp://secunia.com/advisories/29869
security@ubuntu.comhttp://secunia.com/advisories/29884
security@ubuntu.comhttp://secunia.com/advisories/29885
security@ubuntu.comhttp://secunia.com/advisories/30019
security@ubuntu.comhttp://secunia.com/advisories/30033
security@ubuntu.comhttp://secunia.com/advisories/30717
security@ubuntu.comhttp://secunia.com/advisories/31035
security@ubuntu.comhttp://security.gentoo.org/glsa/glsa-200804-18.xml
security@ubuntu.comhttp://securitytracker.com/id?1019893
security@ubuntu.comhttp://www.debian.org/security/2008/dsa-1548Patch
security@ubuntu.comhttp://www.debian.org/security/2008/dsa-1606
security@ubuntu.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:089
security@ubuntu.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:173
security@ubuntu.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:197
security@ubuntu.comhttp://www.novell.com/linux/security/advisories/2008_13_sr.html
security@ubuntu.comhttp://www.redhat.com/support/errata/RHSA-2008-0238.html
security@ubuntu.comhttp://www.redhat.com/support/errata/RHSA-2008-0239.html
security@ubuntu.comhttp://www.redhat.com/support/errata/RHSA-2008-0240.html
security@ubuntu.comhttp://www.redhat.com/support/errata/RHSA-2008-0262.html
security@ubuntu.comhttp://www.securityfocus.com/bid/28830
security@ubuntu.comhttp://www.ubuntu.com/usn/usn-603-1
security@ubuntu.comhttp://www.ubuntu.com/usn/usn-603-2
security@ubuntu.comhttp://www.vupen.com/english/advisories/2008/1265/references
security@ubuntu.comhttp://www.vupen.com/english/advisories/2008/1266/references
security@ubuntu.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/41884
security@ubuntu.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226
security@ubuntu.comhttps://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29816
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29834
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29836
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29851
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29853
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29868
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29869
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29884
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29885
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30019
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30033
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30717
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31035
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200804-18.xml
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1019893
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1548Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1606
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:089
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:173
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:197
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2008_13_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0238.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0239.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0240.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0262.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28830
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-603-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-603-2
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1265/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1266/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/41884
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "310194C7-8370-4EB6-B4CF-C8EE2A8E55DF",
              "versionEndIncluding": "0.7.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n CairoFont::create en CairoFontEngine.cc de Poppler, posiblemente anterior a 0.8.0, como se usa en Xpdf, Evince, ePDFview, KWord y otras aplicaciones, no maneja correctamente fuentes embebidas en archivos PDF, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un objeto fuente manipulado, relacionado con referenciar un puntero de una funci\u00f3n asociado con el tipo de este objeto fuente."
    }
  ],
  "id": "CVE-2008-1693",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-18T15:05:00.000",
  "references": [
    {
      "source": "security@ubuntu.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/29816"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/29834"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/29836"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/29851"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/29853"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/29868"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/29869"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/29884"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/29885"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/30019"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/30033"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/30717"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://secunia.com/advisories/31035"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://security.gentoo.org/glsa/glsa-200804-18.xml"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://securitytracker.com/id?1019893"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1548"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.debian.org/security/2008/dsa-1606"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:089"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:173"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:197"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0238.html"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0239.html"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0240.html"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0262.html"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.securityfocus.com/bid/28830"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.ubuntu.com/usn/usn-603-1"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.ubuntu.com/usn/usn-603-2"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.vupen.com/english/advisories/2008/1265/references"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.vupen.com/english/advisories/2008/1266/references"
    },
    {
      "source": "security@ubuntu.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41884"
    },
    {
      "source": "security@ubuntu.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226"
    },
    {
      "source": "security@ubuntu.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29834"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29853"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29869"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29884"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29885"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30717"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31035"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200804-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019893"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1606"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:173"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0238.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0239.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0240.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0262.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28830"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-603-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-603-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1265/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1266/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41884"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html"
    }
  ],
  "sourceIdentifier": "security@ubuntu.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-03-03 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.
References
cve@mitre.orghttp://bugs.freedesktop.org/show_bug.cgi?id=19702Exploit
cve@mitre.orghttp://lists.freedesktop.org/archives/poppler/2009-January/004403.htmlExploit
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
cve@mitre.orghttp://secunia.com/advisories/33853Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/35685
cve@mitre.orghttp://wiki.rpath.com/Advisories:rPSA-2009-0059
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2009/02/13/1
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2009/02/19/2
cve@mitre.orghttp://www.securityfocus.com/archive/1/502761/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/33749
af854a3a-2127-422b-91ae-364da2661108http://bugs.freedesktop.org/show_bug.cgi?id=19702Exploit
af854a3a-2127-422b-91ae-364da2661108http://lists.freedesktop.org/archives/poppler/2009-January/004403.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33853Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2009-0059
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/02/13/1
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/02/19/2
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/502761/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/33749



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94A745A-9BB3-4EE9-AC87-CACA64FB5C81",
              "versionEndIncluding": "0.10.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n JBIG2Stream::readSymbolDictSeg en Poppler anteriores a v0.10.4 permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un fichero PDF que dispara un error de parseo, lo cual no adecuadamente manejado por JBIG2SymbolDict::~JBIG2SymbolDict y produce una desreferencia de memoria incorrecta."
    }
  ],
  "id": "CVE-2009-0756",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-03-03T16:30:05.267",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33853"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/33749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33853"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33749"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "This issue is a duplicate of CVE-2009-0166, which was addressed in affected products via following updates: https://rhn.redhat.com/errata/CVE-2009-0166.html",
      "lastModified": "2009-07-15T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
References
secalert@redhat.comhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
secalert@redhat.comhttp://poppler.freedesktop.org/releases.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2009-0458.html
secalert@redhat.comhttp://secunia.com/advisories/34291Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34481Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34746Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34755Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34756Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34852Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34959Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34963Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34991Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35037Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35064Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35065Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35618Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35685Vendor Advisory
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1790Patch
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1793Patch
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/196617US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0429.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0431.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0480.htmlPatch
secalert@redhat.comhttp://www.securityfocus.com/bid/34568Patch
secalert@redhat.comhttp://www.securitytracker.com/id?1022072
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1065Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1066Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1076Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1077Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040Vendor Advisory
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
af854a3a-2127-422b-91ae-364da2661108http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/releases.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2009-0458.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34291Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34481Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34746Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34755Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34756Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34959Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34963Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34991Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35064Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35618Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1790Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1793Patch
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/196617US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0429.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0431.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0480.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022072
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1065Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1066Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1076Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Impacted products
Vendor Product Version
foolabs xpdf 0.5a
foolabs xpdf 0.7a
foolabs xpdf 0.91a
foolabs xpdf 0.91b
foolabs xpdf 0.91c
foolabs xpdf 0.92a
foolabs xpdf 0.92b
foolabs xpdf 0.92c
foolabs xpdf 0.92d
foolabs xpdf 0.92e
foolabs xpdf 0.93a
foolabs xpdf 0.93b
foolabs xpdf 0.93c
foolabs xpdf 1.00a
glyphandcog xpdfreader *
glyphandcog xpdfreader 0.2
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 0.5
glyphandcog xpdfreader 0.6
glyphandcog xpdfreader 0.7
glyphandcog xpdfreader 0.80
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.91
glyphandcog xpdfreader 0.92
glyphandcog xpdfreader 0.93
glyphandcog xpdfreader 1.00
glyphandcog xpdfreader 1.01
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 2.01
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.03
glyphandcog xpdfreader 3.00
glyphandcog xpdfreader 3.01
poppler poppler *
poppler poppler 0.1
poppler poppler 0.1.1
poppler poppler 0.1.2
poppler poppler 0.2.0
poppler poppler 0.3.0
poppler poppler 0.3.1
poppler poppler 0.3.2
poppler poppler 0.3.3
poppler poppler 0.4.0
poppler poppler 0.4.1
poppler poppler 0.4.2
poppler poppler 0.4.3
poppler poppler 0.4.4
poppler poppler 0.5.0
poppler poppler 0.5.1
poppler poppler 0.5.2
poppler poppler 0.5.3
poppler poppler 0.5.4
poppler poppler 0.5.9
poppler poppler 0.5.90
poppler poppler 0.5.91
poppler poppler 0.6.0
poppler poppler 0.6.1
poppler poppler 0.6.2
poppler poppler 0.6.3
poppler poppler 0.6.4
poppler poppler 0.7.0
poppler poppler 0.7.1
poppler poppler 0.7.2
poppler poppler 0.7.3
poppler poppler 0.8.0
poppler poppler 0.8.1
poppler poppler 0.8.2
poppler poppler 0.8.3
poppler poppler 0.8.4
poppler poppler 0.8.5
poppler poppler 0.8.6
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
apple cups *
apple cups 1.1
apple cups 1.1.1
apple cups 1.1.2
apple cups 1.1.3
apple cups 1.1.4
apple cups 1.1.5
apple cups 1.1.5-1
apple cups 1.1.5-2
apple cups 1.1.6
apple cups 1.1.6-1
apple cups 1.1.6-2
apple cups 1.1.6-3
apple cups 1.1.7
apple cups 1.1.8
apple cups 1.1.9
apple cups 1.1.9-1
apple cups 1.1.10
apple cups 1.1.10-1
apple cups 1.1.11
apple cups 1.1.12
apple cups 1.1.13
apple cups 1.1.14
apple cups 1.1.15
apple cups 1.1.16
apple cups 1.1.17
apple cups 1.1.18
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.23
apple cups 1.1.23
apple cups 1.2.0
apple cups 1.2.1
apple cups 1.2.2
apple cups 1.2.3
apple cups 1.2.4
apple cups 1.2.5
apple cups 1.2.6
apple cups 1.2.7
apple cups 1.2.8
apple cups 1.2.9
apple cups 1.2.10
apple cups 1.2.11
apple cups 1.2.12
apple cups 1.3.0
apple cups 1.3.1
apple cups 1.3.2
apple cups 1.3.3
apple cups 1.3.4
apple cups 1.3.5
apple cups 1.3.6
apple cups 1.3.7
apple cups 1.3.8
apple cups 1.3.10
apple cups 1.3.11



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
              "versionEndIncluding": "3.02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
              "versionEndIncluding": "1.3.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read."
    },
    {
      "lang": "es",
      "value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado que desencadena una vulnerabilidad de lectura fuera de l\u00edmites."
    }
  ],
  "id": "CVE-2009-0799",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-04-23T17:30:01.703",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1022072"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022072"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
References
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
secalert@redhat.comhttp://poppler.freedesktop.org/releases.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2009-0458.html
secalert@redhat.comhttp://secunia.com/advisories/34291Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34481Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34746Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34755Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34756Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34852Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34959Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34963Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34991Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35037Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35064Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35065Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35379Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35618Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35685Vendor Advisory
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
secalert@redhat.comhttp://support.apple.com/kb/HT3613
secalert@redhat.comhttp://support.apple.com/kb/HT3639
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1790
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1793
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/196617US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0429.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0431.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0480.html
secalert@redhat.comhttp://www.securityfocus.com/bid/34568
secalert@redhat.comhttp://www.securitytracker.com/id?1022073
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1065Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1066Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1076Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1077Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1522Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1621Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040Vendor Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=495889
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/releases.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2009-0458.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34291Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34481Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34746Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34755Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34756Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34959Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34963Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34991Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35064Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35379Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35618Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3613
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3639
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1790
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1793
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/196617US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0429.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0431.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0480.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022073
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1066Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1076Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1522Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1621Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=495889
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Impacted products
Vendor Product Version
foolabs xpdf 0.5a
foolabs xpdf 0.7a
foolabs xpdf 0.91a
foolabs xpdf 0.91b
foolabs xpdf 0.91c
foolabs xpdf 0.92a
foolabs xpdf 0.92b
foolabs xpdf 0.92c
foolabs xpdf 0.92d
foolabs xpdf 0.92e
foolabs xpdf 0.93a
foolabs xpdf 0.93b
foolabs xpdf 0.93c
foolabs xpdf 1.00a
glyphandcog xpdfreader *
glyphandcog xpdfreader 0.2
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 0.5
glyphandcog xpdfreader 0.6
glyphandcog xpdfreader 0.7
glyphandcog xpdfreader 0.80
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.91
glyphandcog xpdfreader 0.92
glyphandcog xpdfreader 0.93
glyphandcog xpdfreader 1.00
glyphandcog xpdfreader 1.01
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 2.01
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.03
glyphandcog xpdfreader 3.00
glyphandcog xpdfreader 3.01
poppler poppler *
poppler poppler 0.1
poppler poppler 0.1.1
poppler poppler 0.1.2
poppler poppler 0.2.0
poppler poppler 0.3.0
poppler poppler 0.3.1
poppler poppler 0.3.2
poppler poppler 0.3.3
poppler poppler 0.4.0
poppler poppler 0.4.1
poppler poppler 0.4.2
poppler poppler 0.4.3
poppler poppler 0.4.4
poppler poppler 0.5.0
poppler poppler 0.5.1
poppler poppler 0.5.2
poppler poppler 0.5.3
poppler poppler 0.5.4
poppler poppler 0.5.9
poppler poppler 0.5.90
poppler poppler 0.5.91
poppler poppler 0.6.0
poppler poppler 0.6.1
poppler poppler 0.6.2
poppler poppler 0.6.3
poppler poppler 0.6.4
poppler poppler 0.7.0
poppler poppler 0.7.1
poppler poppler 0.7.2
poppler poppler 0.7.3
poppler poppler 0.8.0
poppler poppler 0.8.1
poppler poppler 0.8.2
poppler poppler 0.8.3
poppler poppler 0.8.4
poppler poppler 0.8.5
poppler poppler 0.8.6
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
apple cups *
apple cups 1.1
apple cups 1.1.1
apple cups 1.1.2
apple cups 1.1.3
apple cups 1.1.4
apple cups 1.1.5
apple cups 1.1.5-1
apple cups 1.1.5-2
apple cups 1.1.6
apple cups 1.1.6-1
apple cups 1.1.6-2
apple cups 1.1.6-3
apple cups 1.1.7
apple cups 1.1.8
apple cups 1.1.9
apple cups 1.1.9-1
apple cups 1.1.10
apple cups 1.1.10-1
apple cups 1.1.11
apple cups 1.1.12
apple cups 1.1.13
apple cups 1.1.14
apple cups 1.1.15
apple cups 1.1.16
apple cups 1.1.17
apple cups 1.1.18
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.23
apple cups 1.1.23
apple cups 1.2.0
apple cups 1.2.1
apple cups 1.2.2
apple cups 1.2.3
apple cups 1.2.4
apple cups 1.2.5
apple cups 1.2.6
apple cups 1.2.7
apple cups 1.2.8
apple cups 1.2.9
apple cups 1.2.10
apple cups 1.2.11
apple cups 1.2.12
apple cups 1.3.0
apple cups 1.3.1
apple cups 1.3.2
apple cups 1.3.3
apple cups 1.3.4
apple cups 1.3.5
apple cups 1.3.6
apple cups 1.3.7
apple cups 1.3.8
apple cups 1.3.10
apple cups 1.3.11



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
              "versionEndIncluding": "3.02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
              "versionEndIncluding": "1.3.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de enteros en el decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado."
    }
  ],
  "id": "CVE-2009-1179",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-23T17:30:01.750",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35379"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.apple.com/kb/HT3613"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.apple.com/kb/HT3639"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1022073"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1522"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1621"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35379"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3613"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1522"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 19:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
References
secalert@redhat.comhttp://bugs.gentoo.org/show_bug.cgi?id=263028#c16Patch
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
secalert@redhat.comhttp://poppler.freedesktop.org/releases.html
secalert@redhat.comhttp://secunia.com/advisories/34746
secalert@redhat.comhttp://secunia.com/advisories/35064
secalert@redhat.comhttp://secunia.com/advisories/35618
secalert@redhat.comhttp://secunia.com/advisories/37028
secalert@redhat.comhttp://secunia.com/advisories/37037
secalert@redhat.comhttp://secunia.com/advisories/37043
secalert@redhat.comhttp://secunia.com/advisories/37053
secalert@redhat.comhttp://secunia.com/advisories/37077
secalert@redhat.comhttp://secunia.com/advisories/37079
secalert@redhat.comhttp://secunia.com/advisories/39327
secalert@redhat.comhttp://secunia.com/advisories/39938
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2009-0059
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2028
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2050
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/196617US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0480.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/502761/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/34568
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1076
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2928
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0802
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1220
secalert@redhat.comhttps://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=495907
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=526915
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/50185
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1501.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1502.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1503.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1512.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
af854a3a-2127-422b-91ae-364da2661108http://bugs.gentoo.org/show_bug.cgi?id=263028#c16Patch
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/releases.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34746
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35064
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35618
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37028
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37037
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37043
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37053
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37077
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37079
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39327
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39938
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2009-0059
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2028
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2050
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/196617US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0480.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/502761/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1076
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2928
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0802
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1220
af854a3a-2127-422b-91ae-364da2661108https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=495907
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=526915
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/50185
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1501.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1502.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1503.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1512.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la caracter\u00edstica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegaci\u00f3n de servicio (caida) y posiblemente ejecutar c\u00f3digo a trav\u00e9s de vectores relacionados con SplashBitmap (splash/SplashBitmap.cc)."
    }
  ],
  "id": "CVE-2009-1188",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-23T19:30:00.547",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37028"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37037"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37043"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37053"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37077"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37079"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2009/2928"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/2928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 19:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
References
secalert@redhat.comhttp://bugs.gentoo.org/show_bug.cgi?id=263028#c16Patch
secalert@redhat.comhttp://poppler.freedesktop.org/releases.html
secalert@redhat.comhttp://secunia.com/advisories/34746
secalert@redhat.comhttp://secunia.com/advisories/35064
secalert@redhat.comhttp://secunia.com/advisories/35618
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2009-0059
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/196617US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0480.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/502761/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/34568
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1076
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040
secalert@redhat.comhttps://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/50184
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
af854a3a-2127-422b-91ae-364da2661108http://bugs.gentoo.org/show_bug.cgi?id=263028#c16Patch
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/releases.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34746
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35064
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35618
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2009-0059
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/196617US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0480.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/502761/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1076
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040
af854a3a-2127-422b-91ae-364da2661108https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/50184
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc)."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la caracter\u00edstica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegaci\u00f3n de servicio (caida) y posiblemente ejecutar c\u00f3digo a trav\u00e9s de vectores relacionados con CairoOutputDev (CairoOutputDev.cc)."
    }
  ],
  "id": "CVE-2009-1187",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-23T19:30:00.530",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
secalert@redhat.comhttp://poppler.freedesktop.org/releases.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2009-0458.html
secalert@redhat.comhttp://secunia.com/advisories/34291Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34481Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34746Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34755Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34756Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34852Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34959Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34963Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34991Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35037Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35064Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35065Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35618Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35685Vendor Advisory
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1790Patch
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1793Patch
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/196617US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0429.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0431.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0480.html
secalert@redhat.comhttp://www.securityfocus.com/bid/34568Patch
secalert@redhat.comhttp://www.securitytracker.com/id?1022072
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1065Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1066Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1076Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1077Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040Vendor Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=495894
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/releases.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2009-0458.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34291Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34481Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34746Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34755Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34756Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34959Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34963Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34991Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35037Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35064Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35618Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1790Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1793Patch
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/196617US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0429.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0431.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0480.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022072
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1065Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1066Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1076Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=495894
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Impacted products
Vendor Product Version
foolabs xpdf 0.5a
foolabs xpdf 0.7a
foolabs xpdf 0.91a
foolabs xpdf 0.91b
foolabs xpdf 0.91c
foolabs xpdf 0.92a
foolabs xpdf 0.92b
foolabs xpdf 0.92c
foolabs xpdf 0.92d
foolabs xpdf 0.92e
foolabs xpdf 0.93a
foolabs xpdf 0.93b
foolabs xpdf 0.93c
foolabs xpdf 1.00a
glyphandcog xpdfreader *
glyphandcog xpdfreader 0.2
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 0.5
glyphandcog xpdfreader 0.6
glyphandcog xpdfreader 0.7
glyphandcog xpdfreader 0.80
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.91
glyphandcog xpdfreader 0.92
glyphandcog xpdfreader 0.93
glyphandcog xpdfreader 1.00
glyphandcog xpdfreader 1.01
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 2.01
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.03
glyphandcog xpdfreader 3.00
glyphandcog xpdfreader 3.01
poppler poppler *
poppler poppler 0.1
poppler poppler 0.1.1
poppler poppler 0.1.2
poppler poppler 0.2.0
poppler poppler 0.3.0
poppler poppler 0.3.1
poppler poppler 0.3.2
poppler poppler 0.3.3
poppler poppler 0.4.0
poppler poppler 0.4.1
poppler poppler 0.4.2
poppler poppler 0.4.3
poppler poppler 0.4.4
poppler poppler 0.5.0
poppler poppler 0.5.1
poppler poppler 0.5.2
poppler poppler 0.5.3
poppler poppler 0.5.4
poppler poppler 0.5.9
poppler poppler 0.5.90
poppler poppler 0.5.91
poppler poppler 0.6.0
poppler poppler 0.6.1
poppler poppler 0.6.2
poppler poppler 0.6.3
poppler poppler 0.6.4
poppler poppler 0.7.0
poppler poppler 0.7.1
poppler poppler 0.7.2
poppler poppler 0.7.3
poppler poppler 0.8.0
poppler poppler 0.8.1
poppler poppler 0.8.2
poppler poppler 0.8.3
poppler poppler 0.8.4
poppler poppler 0.8.5
poppler poppler 0.8.6
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
apple cups *
apple cups 1.1
apple cups 1.1.1
apple cups 1.1.2
apple cups 1.1.3
apple cups 1.1.4
apple cups 1.1.5
apple cups 1.1.5-1
apple cups 1.1.5-2
apple cups 1.1.6
apple cups 1.1.6-1
apple cups 1.1.6-2
apple cups 1.1.6-3
apple cups 1.1.7
apple cups 1.1.8
apple cups 1.1.9
apple cups 1.1.9-1
apple cups 1.1.10
apple cups 1.1.10-1
apple cups 1.1.11
apple cups 1.1.12
apple cups 1.1.13
apple cups 1.1.14
apple cups 1.1.15
apple cups 1.1.16
apple cups 1.1.17
apple cups 1.1.18
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.23
apple cups 1.1.23
apple cups 1.2.0
apple cups 1.2.1
apple cups 1.2.2
apple cups 1.2.3
apple cups 1.2.4
apple cups 1.2.5
apple cups 1.2.6
apple cups 1.2.7
apple cups 1.2.8
apple cups 1.2.9
apple cups 1.2.10
apple cups 1.2.11
apple cups 1.2.12
apple cups 1.3.0
apple cups 1.3.1
apple cups 1.3.2
apple cups 1.3.3
apple cups 1.3.4
apple cups 1.3.5
apple cups 1.3.6
apple cups 1.3.7
apple cups 1.3.8
apple cups 1.3.10
apple cups 1.3.11



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
              "versionEndIncluding": "3.02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
              "versionEndIncluding": "1.3.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference."
    },
    {
      "lang": "es",
      "value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado que desencadena una desreferencia de puntero NULL."
    }
  ],
  "id": "CVE-2009-1181",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-23T17:30:01.780",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1022072"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022072"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://scary.beasts.org/security/CESA-2005-003.txtExploit, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18147
secalert@redhat.comhttp://secunia.com/advisories/18303Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18312Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18313Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18329Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18332Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18334
secalert@redhat.comhttp://secunia.com/advisories/18338Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18349Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18373
secalert@redhat.comhttp://secunia.com/advisories/18375Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18380
secalert@redhat.comhttp://secunia.com/advisories/18385Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18387Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18389Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18398Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18407Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18414
secalert@redhat.comhttp://secunia.com/advisories/18416Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18423Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18425
secalert@redhat.comhttp://secunia.com/advisories/18428
secalert@redhat.comhttp://secunia.com/advisories/18436
secalert@redhat.comhttp://secunia.com/advisories/18448Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18463
secalert@redhat.comhttp://secunia.com/advisories/18517Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18534Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18554Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18582Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18642Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18644Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18674Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18675Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18679Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18908
secalert@redhat.comhttp://secunia.com/advisories/18913Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19230
secalert@redhat.comhttp://secunia.com/advisories/19377
secalert@redhat.comhttp://secunia.com/advisories/25729
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-931
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-932
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-937
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-938
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-940
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-962Patch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-17.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:003
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:004
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:005
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:006
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:008
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0163.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/16143Patch
secalert@redhat.comhttp://www.trustix.org/errata/2006/0002/
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/0047
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/2280
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24022
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437
secalert@redhat.comhttps://usn.ubuntu.com/236-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://scary.beasts.org/security/CESA-2005-003.txtExploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18303Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18312Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18313Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18329Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18332Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18334
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18338Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18349Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18373
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18375Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18414
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18423Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18425
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18448Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18463
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18517Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18554Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18642Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18644Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-17.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0163.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16143Patch
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2006/0002/
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0047
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24022
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/236-1/
Impacted products
Vendor Product Version
easy_software_products cups 1.1.22
easy_software_products cups 1.1.22_rc1
easy_software_products cups 1.1.23
easy_software_products cups 1.1.23_rc1
kde kdegraphics 3.2
kde kdegraphics 3.4.3
kde koffice 1.4
kde koffice 1.4.1
kde koffice 1.4.2
kde kpdf 3.2
kde kpdf 3.4.3
kde kword 1.4.2
libextractor libextractor *
poppler poppler 0.4.2
sgi propack 3.0
tetex tetex 1.0.7
tetex tetex 2.0
tetex tetex 2.0.1
tetex tetex 2.0.2
tetex tetex 3.0
xpdf xpdf 3.0
conectiva linux 10.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
gentoo linux *
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux_desktop 4.0
redhat fedora_core core_1.0
redhat fedora_core core_2.0
redhat fedora_core core_3.0
redhat fedora_core core_4.0
redhat linux 7.3
redhat linux 9.0
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
sco openserver 5.0.7
sco openserver 6.0
slackware slackware_linux 9.0
slackware slackware_linux 9.1
slackware slackware_linux 10.0
slackware slackware_linux 10.1
slackware slackware_linux 10.2
suse suse_linux 1.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 10.0
suse suse_linux 10.0
trustix secure_linux 2.0
trustix secure_linux 2.2
trustix secure_linux 3.0
turbolinux turbolinux 10
turbolinux turbolinux fuji
turbolinux turbolinux_appliance_server 1.0_hosting_edition
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
turbolinux turbolinux_desktop 10.0
turbolinux turbolinux_home *
turbolinux turbolinux_multimedia *
turbolinux turbolinux_personal *
turbolinux turbolinux_server 8.0
turbolinux turbolinux_server 10.0
turbolinux turbolinux_server 10.0_x86
turbolinux turbolinux_workstation 8.0
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
              "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
              "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
              "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
              "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
              "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
    }
  ],
  "id": "CVE-2005-3624",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/236-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/236-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://scary.beasts.org/security/CESA-2005-003.txtExploit
secalert@redhat.comhttp://secunia.com/advisories/18147
secalert@redhat.comhttp://secunia.com/advisories/18303Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18312Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18313Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18329Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18332Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18334Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18335Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18338Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18349Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18373
secalert@redhat.comhttp://secunia.com/advisories/18375Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18380
secalert@redhat.comhttp://secunia.com/advisories/18385Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18387Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18389Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18398Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18407Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18414
secalert@redhat.comhttp://secunia.com/advisories/18416Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18423Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18425
secalert@redhat.comhttp://secunia.com/advisories/18428
secalert@redhat.comhttp://secunia.com/advisories/18436
secalert@redhat.comhttp://secunia.com/advisories/18448Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18463
secalert@redhat.comhttp://secunia.com/advisories/18517Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18534Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18554Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18582Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18642Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18644Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18674Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18675Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18679Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18908
secalert@redhat.comhttp://secunia.com/advisories/18913
secalert@redhat.comhttp://secunia.com/advisories/19230
secalert@redhat.comhttp://secunia.com/advisories/19377
secalert@redhat.comhttp://secunia.com/advisories/25729
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-931
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-932
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-937
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-938
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-940
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-962
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
secalert@redhat.comhttp://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:003
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:004
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:005
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:006
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:008
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlPatch
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlPatch
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0163.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/16143Patch
secalert@redhat.comhttp://www.trustix.org/errata/2006/0002/
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/0047
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/2280
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24026
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992
secalert@redhat.comhttps://usn.ubuntu.com/236-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://scary.beasts.org/security/CESA-2005-003.txtExploit
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18303Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18312Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18313Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18329Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18332Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18334Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18335Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18338Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18349Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18373
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18375Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18414
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18423Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18425
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18448Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18463
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18517Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18554Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18642Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18644Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0163.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16143Patch
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2006/0002/
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0047
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24026
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/236-1/
Impacted products
Vendor Product Version
easy_software_products cups 1.1.22
easy_software_products cups 1.1.22_rc1
easy_software_products cups 1.1.23
easy_software_products cups 1.1.23_rc1
kde kdegraphics 3.2
kde kdegraphics 3.4.3
kde koffice 1.4
kde koffice 1.4.1
kde koffice 1.4.2
kde kpdf 3.2
kde kpdf 3.4.3
kde kword 1.4.2
libextractor libextractor *
poppler poppler 0.4.2
sgi propack 3.0
tetex tetex 1.0.7
tetex tetex 2.0
tetex tetex 2.0.1
tetex tetex 2.0.2
tetex tetex 3.0
xpdf xpdf 3.0
conectiva linux 10.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
gentoo linux *
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux_desktop 4.0
redhat fedora_core core_1.0
redhat fedora_core core_2.0
redhat fedora_core core_3.0
redhat fedora_core core_4.0
redhat linux 7.3
redhat linux 9.0
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
sco openserver 5.0.7
sco openserver 6.0
slackware slackware_linux 9.0
slackware slackware_linux 9.1
slackware slackware_linux 10.0
slackware slackware_linux 10.1
slackware slackware_linux 10.2
suse suse_linux 1.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 10.0
suse suse_linux 10.0
trustix secure_linux 2.0
trustix secure_linux 2.2
trustix secure_linux 3.0
turbolinux turbolinux 10
turbolinux turbolinux fuji
turbolinux turbolinux_appliance_server 1.0_hosting_edition
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
turbolinux turbolinux_desktop 10.0
turbolinux turbolinux_home *
turbolinux turbolinux_multimedia *
turbolinux turbolinux_personal *
turbolinux turbolinux_server 8.0
turbolinux turbolinux_server 10.0
turbolinux turbolinux_server 10.0_x86
turbolinux turbolinux_workstation 8.0
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
              "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
              "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
              "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
              "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
              "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
    }
  ],
  "id": "CVE-2005-3626",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/236-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/236-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2010-11-05 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference.
References
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
secalert@redhat.comhttp://secunia.com/advisories/42357
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:231
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2010/10/04/6
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2010-0859.html
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-1005-1
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=639356
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42357
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:231
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2010/10/04/6
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0859.html
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1005-1
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=639356
Impacted products
Vendor Product Version
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
poppler poppler 0.10.5
poppler poppler 0.10.6
poppler poppler 0.10.7
poppler poppler 0.11.0
poppler poppler 0.11.1
poppler poppler 0.11.2
poppler poppler 0.11.3
poppler poppler 0.12.0
poppler poppler 0.12.1
poppler poppler 0.12.2
poppler poppler 0.12.3
poppler poppler 0.12.4
poppler poppler 0.13.0
poppler poppler 0.13.1
poppler poppler 0.13.2
poppler poppler 0.13.3
poppler poppler 0.13.4
poppler poppler 0.14.0
poppler poppler 0.14.1
poppler poppler 0.14.2
poppler poppler 0.14.3
poppler poppler 0.14.4
poppler poppler 0.14.5
poppler poppler 0.15.0
poppler poppler 0.15.1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E25003C-04CE-401F-B012-F2E13DC8E8C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "189FE6D1-C001-4D43-BFD2-B8421C6FAB06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF3866C-09D2-4564-A7AE-2C49A5E8480C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43C280F-A571-4EF9-B301-244B05750933",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D37AC0D5-6811-4FE2-83BB-FEF44B228645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B24274-2F2F-4F3A-8978-390BF69EF0AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "14959178-17D0-4794-867F-AB62501EEF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1129356-C0B0-4130-A1EF-888B02783317",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD0FA23-F797-4FB5-85AD-29AED926E02D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B06D79-50AD-49D0-B372-25CA226EEA80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A34735C6-2738-4CCC-9322-8F7584AB616D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "339A5BC3-7AED-4912-B6D3-BBD5FBF4AA02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "325750AA-5E10-457E-88E8-439DFB81FE1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "235861C5-B126-4A27-A51F-94568DBA5FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EE3D5F0-DA69-453A-9729-03FD1151D94E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "83E52568-A112-4533-9CFA-55D35F40AA9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "38A9C7A2-DAC5-4334-9A88-CF9085A34186",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n PostScriptFunction::PostScriptFunction en poppler/Function.cc en el analizador de PDF de poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, y posiblemente otros, permite provocar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) a atacantes dependientes de contexto a trav\u00e9s de un archivo PDF que desencadena una desreferencia a un puntero no inicializado."
    }
  ],
  "id": "CVE-2010-3703",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-11-05T18:00:25.877",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42357"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-1005-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42357"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1005-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
secalert@redhat.comhttp://poppler.freedesktop.org/releases.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2009-0458.htmlPatch
secalert@redhat.comhttp://secunia.com/advisories/34291Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34481Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34746Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34755Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34756Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34852Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34959Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34963Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34991Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35037Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35064Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35065Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35618Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35685Vendor Advisory
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1790Patch
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1793Patch
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/196617US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0429.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0431.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0480.htmlPatch
secalert@redhat.comhttp://www.securityfocus.com/bid/34568Patch
secalert@redhat.comhttp://www.securitytracker.com/id?1022072
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1065Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1066Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1076Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1077Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040Vendor Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=495899
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/releases.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2009-0458.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34291Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34481Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34746Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34755Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34756Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34959Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34963Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34991Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35064Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35618Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1790Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1793Patch
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/196617US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0429.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0430.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0431.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0480.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022072
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1065Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1066Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1076Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=495899
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Impacted products
Vendor Product Version
foolabs xpdf 0.5a
foolabs xpdf 0.7a
foolabs xpdf 0.91a
foolabs xpdf 0.91b
foolabs xpdf 0.91c
foolabs xpdf 0.92a
foolabs xpdf 0.92b
foolabs xpdf 0.92c
foolabs xpdf 0.92d
foolabs xpdf 0.92e
foolabs xpdf 0.93a
foolabs xpdf 0.93b
foolabs xpdf 0.93c
foolabs xpdf 1.00a
glyphandcog xpdfreader *
glyphandcog xpdfreader 0.2
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 0.5
glyphandcog xpdfreader 0.6
glyphandcog xpdfreader 0.7
glyphandcog xpdfreader 0.80
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.91
glyphandcog xpdfreader 0.92
glyphandcog xpdfreader 0.93
glyphandcog xpdfreader 1.00
glyphandcog xpdfreader 1.01
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 2.01
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.03
glyphandcog xpdfreader 3.00
glyphandcog xpdfreader 3.01
poppler poppler *
poppler poppler 0.1
poppler poppler 0.1.1
poppler poppler 0.1.2
poppler poppler 0.2.0
poppler poppler 0.3.0
poppler poppler 0.3.1
poppler poppler 0.3.2
poppler poppler 0.3.3
poppler poppler 0.4.0
poppler poppler 0.4.1
poppler poppler 0.4.2
poppler poppler 0.4.3
poppler poppler 0.4.4
poppler poppler 0.5.0
poppler poppler 0.5.1
poppler poppler 0.5.2
poppler poppler 0.5.3
poppler poppler 0.5.4
poppler poppler 0.5.9
poppler poppler 0.5.90
poppler poppler 0.5.91
poppler poppler 0.6.0
poppler poppler 0.6.1
poppler poppler 0.6.2
poppler poppler 0.6.3
poppler poppler 0.6.4
poppler poppler 0.7.0
poppler poppler 0.7.1
poppler poppler 0.7.2
poppler poppler 0.7.3
poppler poppler 0.8.0
poppler poppler 0.8.1
poppler poppler 0.8.2
poppler poppler 0.8.3
poppler poppler 0.8.4
poppler poppler 0.8.5
poppler poppler 0.8.6
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
apple cups *
apple cups 1.1
apple cups 1.1.1
apple cups 1.1.2
apple cups 1.1.3
apple cups 1.1.4
apple cups 1.1.5
apple cups 1.1.5-1
apple cups 1.1.5-2
apple cups 1.1.6
apple cups 1.1.6-1
apple cups 1.1.6-2
apple cups 1.1.6-3
apple cups 1.1.7
apple cups 1.1.8
apple cups 1.1.9
apple cups 1.1.9-1
apple cups 1.1.10
apple cups 1.1.10-1
apple cups 1.1.11
apple cups 1.1.12
apple cups 1.1.13
apple cups 1.1.14
apple cups 1.1.15
apple cups 1.1.16
apple cups 1.1.17
apple cups 1.1.18
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.23
apple cups 1.1.23
apple cups 1.2.0
apple cups 1.2.1
apple cups 1.2.2
apple cups 1.2.3
apple cups 1.2.4
apple cups 1.2.5
apple cups 1.2.6
apple cups 1.2.7
apple cups 1.2.8
apple cups 1.2.9
apple cups 1.2.10
apple cups 1.2.11
apple cups 1.2.12
apple cups 1.3.0
apple cups 1.3.1
apple cups 1.3.2
apple cups 1.3.3
apple cups 1.3.4
apple cups 1.3.5
apple cups 1.3.6
apple cups 1.3.7
apple cups 1.3.8
apple cups 1.3.10
apple cups 1.3.11



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
              "versionEndIncluding": "3.02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
              "versionEndIncluding": "1.3.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file."
    },
    {
      "lang": "es",
      "value": "El decodificador JBIG2 MMR en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito y colgar) por medio de un archivo PDF creado."
    }
  ],
  "id": "CVE-2009-1183",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-23T17:30:01.827",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1022072"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022072"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-11-02 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.
References
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
secalert@redhat.comhttp://secunia.com/advisories/37114Vendor Advisory
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:334
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-1
secalert@redhat.comhttps://bugs.launchpad.net/bugs/cve/2009-3605
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=491840
secalert@redhat.comhttps://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz
secalert@redhat.comhttps://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37114Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:334
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-1
af854a3a-2127-422b-91ae-364da2661108https://bugs.launchpad.net/bugs/cve/2009-3605
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=491840
af854a3a-2127-422b-91ae-364da2661108https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz
af854a3a-2127-422b-91ae-364da2661108https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/.  NOTE: this may overlap CVE-2009-0791."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de entero en Poppler v0.10.5 y anteriores permiten a usuarios remotos provocar una denegaci\u00f3n de servicio (caida de la aplicaci\u00f3n) o probablemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero PDF modificado. Relacionado con (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc y (7) SplashOutputDev.cc en poppler/; y (8) SplashBitmap.cc, (9) Splash.cc y (10) SplashFTFont.cc en splash/.  NOTA: esta vulnerabilidad se puede sobrelapar con CVE-2009-0791."
    }
  ],
  "id": "CVE-2009-3605",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-11-02T15:30:00.483",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugs.launchpad.net/bugs/cve/2009-3605"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.launchpad.net/bugs/cve/2009-3605"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
References
secalert@redhat.comftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patchPatch
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
secalert@redhat.comhttp://poppler.freedesktop.org/Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37028Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37034Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37037Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37043Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37051Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37053Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37054Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37061Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37077Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37079Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37114
secalert@redhat.comhttp://secunia.com/advisories/37159
secalert@redhat.comhttp://secunia.com/advisories/39327
secalert@redhat.comhttp://secunia.com/advisories/39938
secalert@redhat.comhttp://securitytracker.com/id?1023029Patch
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1941
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2028
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2050
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:287
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:334
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.ocert.org/advisories/ocert-2009-016.html
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2009/12/01/1
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2009/12/01/5
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2009/12/01/6
secalert@redhat.comhttp://www.securityfocus.com/bid/36703Exploit, Patch
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-1
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-3
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2924Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2925Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2926Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2928Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0802
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1220
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=526637Patch
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/53794
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1501.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1502.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1503.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1504.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1512.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1513.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patchPatch
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37028Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37034Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37043Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37051Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37053Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37054Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37061Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37079Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37114
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37159
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39327
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39938
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023029Patch
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1941
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2028
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2050
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:287
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:334
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.ocert.org/advisories/ocert-2009-016.html
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/12/01/1
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/12/01/5
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/12/01/6
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/36703Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-3
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2924Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2925Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2926Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2928Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0802
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1220
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=526637Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/53794
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1501.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1502.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1503.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1504.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1512.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1513.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CA37E-F28E-47E6-B77B-4CB0A859F831",
              "versionEndIncluding": "0.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:glyph_and_cog:pdftops:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1833267E-3B18-4CF8-B996-6226D5439F5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4A9A98B-5E37-4938-9506-927E0C8FACB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41EF2714-DEC9-407F-9D1B-EF2A4D8B4DC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87CCAA71-B817-48A0-81C0-9E4DC4953C9C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n ObjectStream::ObjectStream  en XRef.cc en Xpdf  y Poppler, usado en GPdf, kdegraphics KPDF, y CUPS pdftopf y teTeX, podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap)."
    }
  ],
  "id": "CVE-2009-3608",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-10-21T17:30:00.407",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37028"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37034"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37043"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37051"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37053"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37054"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37061"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37079"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1023029"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1941"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ocert.org/advisories/ocert-2009-016.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/36703"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-3"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2924"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2925"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2926"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2928"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53794"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1023029"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ocert.org/advisories/ocert-2009-016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/36703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2925"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
secalert@redhat.comhttp://poppler.freedesktop.org/releases.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2009-0458.htmlVendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34291Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34481Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34746Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34755Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34756Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34852Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34959Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34963Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34991Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35037Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35064Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35065Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35618Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35685Vendor Advisory
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1790
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1793
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/196617US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0429.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0430.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0431.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0480.html
secalert@redhat.comhttp://www.securityfocus.com/bid/34568
secalert@redhat.comhttp://www.securitytracker.com/id?1022073
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1065Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1066Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1076Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1077Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040Vendor Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=495896
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/releases.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2009-0458.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34291Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34481Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34746Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34755Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34756Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34959Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34963Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34991Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35064Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35618Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1790
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1793
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/196617US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0429.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0430.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0431.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0480.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022073
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1066Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1076Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=495896
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Impacted products
Vendor Product Version
foolabs xpdf 0.5a
foolabs xpdf 0.7a
foolabs xpdf 0.91a
foolabs xpdf 0.91b
foolabs xpdf 0.91c
foolabs xpdf 0.92a
foolabs xpdf 0.92b
foolabs xpdf 0.92c
foolabs xpdf 0.92d
foolabs xpdf 0.92e
foolabs xpdf 0.93a
foolabs xpdf 0.93b
foolabs xpdf 0.93c
foolabs xpdf 1.00a
glyphandcog xpdfreader *
glyphandcog xpdfreader 0.2
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 0.5
glyphandcog xpdfreader 0.6
glyphandcog xpdfreader 0.7
glyphandcog xpdfreader 0.80
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.91
glyphandcog xpdfreader 0.92
glyphandcog xpdfreader 0.93
glyphandcog xpdfreader 1.00
glyphandcog xpdfreader 1.01
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 2.01
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.03
glyphandcog xpdfreader 3.00
glyphandcog xpdfreader 3.01
poppler poppler *
poppler poppler 0.1
poppler poppler 0.1.1
poppler poppler 0.1.2
poppler poppler 0.2.0
poppler poppler 0.3.0
poppler poppler 0.3.1
poppler poppler 0.3.2
poppler poppler 0.3.3
poppler poppler 0.4.0
poppler poppler 0.4.1
poppler poppler 0.4.2
poppler poppler 0.4.3
poppler poppler 0.4.4
poppler poppler 0.5.0
poppler poppler 0.5.1
poppler poppler 0.5.2
poppler poppler 0.5.3
poppler poppler 0.5.4
poppler poppler 0.5.9
poppler poppler 0.5.90
poppler poppler 0.5.91
poppler poppler 0.6.0
poppler poppler 0.6.1
poppler poppler 0.6.2
poppler poppler 0.6.3
poppler poppler 0.6.4
poppler poppler 0.7.0
poppler poppler 0.7.1
poppler poppler 0.7.2
poppler poppler 0.7.3
poppler poppler 0.8.0
poppler poppler 0.8.1
poppler poppler 0.8.2
poppler poppler 0.8.3
poppler poppler 0.8.4
poppler poppler 0.8.5
poppler poppler 0.8.6
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
apple cups *
apple cups 1.1
apple cups 1.1.1
apple cups 1.1.2
apple cups 1.1.3
apple cups 1.1.4
apple cups 1.1.5
apple cups 1.1.5-1
apple cups 1.1.5-2
apple cups 1.1.6
apple cups 1.1.6-1
apple cups 1.1.6-2
apple cups 1.1.6-3
apple cups 1.1.7
apple cups 1.1.8
apple cups 1.1.9
apple cups 1.1.9-1
apple cups 1.1.10
apple cups 1.1.10-1
apple cups 1.1.11
apple cups 1.1.12
apple cups 1.1.13
apple cups 1.1.14
apple cups 1.1.15
apple cups 1.1.16
apple cups 1.1.17
apple cups 1.1.18
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.23
apple cups 1.1.23
apple cups 1.2.0
apple cups 1.2.1
apple cups 1.2.2
apple cups 1.2.3
apple cups 1.2.4
apple cups 1.2.5
apple cups 1.2.6
apple cups 1.2.7
apple cups 1.2.8
apple cups 1.2.9
apple cups 1.2.10
apple cups 1.2.11
apple cups 1.2.12
apple cups 1.3.0
apple cups 1.3.1
apple cups 1.3.2
apple cups 1.3.3
apple cups 1.3.4
apple cups 1.3.5
apple cups 1.3.6
apple cups 1.3.7
apple cups 1.3.8
apple cups 1.3.10
apple cups 1.3.11



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
              "versionEndIncluding": "3.02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
              "versionEndIncluding": "1.3.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos del b\u00fafer en el decodificador JBIG2 MMR en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos, permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado."
    }
  ],
  "id": "CVE-2009-1182",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-23T17:30:01.813",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1022073"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-11-13 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file.
Impacted products
Vendor Product Version
poppler poppler 0.10.6
poppler poppler 0.12.0



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la funci\u00f3n ABWOutputDev::endWord en poppler/ABWOutputDev.cc en Poppler (alias libpoppler) 0.10.6, 0.12.0 y posiblemente otras versiones, tal como se usa en la utilidad Abiword pdftoabw, permite a atacantes remotos asistidos por el usuario provocar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero PDF manipulado."
    }
  ],
  "id": "CVE-2009-3938",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-11-13T16:30:00.297",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37333"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2009/dsa-1941"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/36976"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3227"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36976"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of poppler as shipped with Red Hat Enterprise Linux 5.\n",
      "lastModified": "2009-11-23T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 19:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."
References
cve@mitre.orghttp://bugs.gentoo.org/show_bug.cgi?id=263028Patch
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2009/May/msg00002.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
cve@mitre.orghttp://secunia.com/advisories/34852
cve@mitre.orghttp://secunia.com/advisories/34959
cve@mitre.orghttp://secunia.com/advisories/34991
cve@mitre.orghttp://secunia.com/advisories/35037
cve@mitre.orghttp://secunia.com/advisories/35065
cve@mitre.orghttp://secunia.com/advisories/35074
cve@mitre.orghttp://secunia.com/advisories/35685
cve@mitre.orghttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
cve@mitre.orghttp://support.apple.com/kb/HT3549
cve@mitre.orghttp://support.apple.com/kb/HT3639
cve@mitre.orghttp://www.debian.org/security/2009/dsa-1790
cve@mitre.orghttp://www.debian.org/security/2009/dsa-1793
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
cve@mitre.orghttp://www.securityfocus.com/bid/34568
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA09-133A.htmlUS Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/1297
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/1621
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/50377
af854a3a-2127-422b-91ae-364da2661108http://bugs.gentoo.org/show_bug.cgi?id=263028Patch
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34852
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34959
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34991
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35037
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35065
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35074
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3549
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3639
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1790
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1793
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1297
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1621
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/50377



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
              "versionEndIncluding": "3.02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A63FAB9-7E4D-4D2D-808B-F96F2015BF63",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to \"g*allocn.\""
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en el decodificador JBIG2 en Xpdf v3.02p12 y anteriores, como se utiliza en Poppler y otros productos, cuando corre en Mac OS X, tiene un impacto desconocido, relacionado con \"g*allocn.\""
    }
  ],
  "id": "CVE-2009-0165",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-23T19:30:00.500",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1621"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50377"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2010-11-05 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
References
secalert@redhat.comftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patchPatch
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473Patch
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2012-1201.html
secalert@redhat.comhttp://secunia.com/advisories/42141
secalert@redhat.comhttp://secunia.com/advisories/42357
secalert@redhat.comhttp://secunia.com/advisories/42397
secalert@redhat.comhttp://secunia.com/advisories/42691
secalert@redhat.comhttp://secunia.com/advisories/43079
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2119
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2135
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:228
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:229
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:230
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:231
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2012:144
secalert@redhat.comhttp://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2010/10/04/6
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2010-0749.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2010-0751.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2010-0752.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2010-0753.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2010-0859.html
secalert@redhat.comhttp://www.securityfocus.com/bid/43841
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-1005-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/2897
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/3097
secalert@redhat.comhttp://www.vupen.com/english/advisories/2011/0230
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=638960
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patchPatch
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473Patch
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-1201.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42141
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42357
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42397
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42691
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43079
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2119
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2135
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:228
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:229
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:230
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:231
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
af854a3a-2127-422b-91ae-364da2661108http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2010/10/04/6
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0749.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0751.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0752.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0753.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0859.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/43841
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1005-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/2897
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/3097
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0230
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=638960
Impacted products
Vendor Product Version
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
poppler poppler 0.10.5
poppler poppler 0.10.6
poppler poppler 0.10.7
poppler poppler 0.11.0
poppler poppler 0.11.1
poppler poppler 0.11.2
poppler poppler 0.11.3
poppler poppler 0.12.0
poppler poppler 0.12.1
poppler poppler 0.12.2
poppler poppler 0.12.3
poppler poppler 0.12.4
poppler poppler 0.13.0
poppler poppler 0.13.1
poppler poppler 0.13.2
poppler poppler 0.13.3
poppler poppler 0.13.4
poppler poppler 0.14.0
poppler poppler 0.14.1
poppler poppler 0.14.2
poppler poppler 0.14.3
poppler poppler 0.14.4
poppler poppler 0.14.5
poppler poppler 0.15.0
poppler poppler 0.15.1
foolabs xpdf 0.5a
foolabs xpdf 0.7a
foolabs xpdf 0.91a
foolabs xpdf 0.91b
foolabs xpdf 0.91c
foolabs xpdf 0.92a
foolabs xpdf 0.92b
foolabs xpdf 0.92c
foolabs xpdf 0.92d
foolabs xpdf 0.92e
foolabs xpdf 0.93a
foolabs xpdf 0.93b
foolabs xpdf 0.93c
foolabs xpdf 1.00a
foolabs xpdf 3.0.1
foolabs xpdf 3.02pl1
foolabs xpdf 3.02pl2
foolabs xpdf 3.02pl3
glyphandcog xpdfreader *
glyphandcog xpdfreader 0.2
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 0.5
glyphandcog xpdfreader 0.6
glyphandcog xpdfreader 0.7
glyphandcog xpdfreader 0.80
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.91
glyphandcog xpdfreader 0.92
glyphandcog xpdfreader 0.93
glyphandcog xpdfreader 1.00
glyphandcog xpdfreader 1.01
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 2.01
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.03
glyphandcog xpdfreader 3.00
glyphandcog xpdfreader 3.01
glyphandcog xpdfreader 3.02
kde kdegraphics *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E25003C-04CE-401F-B012-F2E13DC8E8C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "189FE6D1-C001-4D43-BFD2-B8421C6FAB06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF3866C-09D2-4564-A7AE-2C49A5E8480C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43C280F-A571-4EF9-B301-244B05750933",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D37AC0D5-6811-4FE2-83BB-FEF44B228645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B24274-2F2F-4F3A-8978-390BF69EF0AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "14959178-17D0-4794-867F-AB62501EEF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1129356-C0B0-4130-A1EF-888B02783317",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD0FA23-F797-4FB5-85AD-29AED926E02D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B06D79-50AD-49D0-B372-25CA226EEA80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A34735C6-2738-4CCC-9322-8F7584AB616D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "339A5BC3-7AED-4912-B6D3-BBD5FBF4AA02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "325750AA-5E10-457E-88E8-439DFB81FE1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "235861C5-B126-4A27-A51F-94568DBA5FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EE3D5F0-DA69-453A-9729-03FD1151D94E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "83E52568-A112-4533-9CFA-55D35F40AA9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "38A9C7A2-DAC5-4334-9A88-CF9085A34186",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
              "versionEndIncluding": "3.02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A0E0FC3-B53F-462D-8562-D2464BB111E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n FoFiType1::parse en fofi/FoFiType1.cc del parseador de PDF de xpdf antes de v3.02pl5, poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, kdegraphics, y posiblemente otros productos, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario mediante un archivo PDF con una fuente Type1 modificada que contiene un \u00edndice de matriz negativo, el cual se salta la validaci\u00f3n de entrada y que provoca una corrupci\u00f3n de memoria."
    }
  ],
  "id": "CVE-2010-3704",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-11-05T18:00:25.983",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42141"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42357"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42397"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42691"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43079"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2119"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2135"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/43841"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-1005-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/2897"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/3097"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42357"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2135"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/43841"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1005-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/2897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3097"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
secalert@redhat.comhttp://poppler.freedesktop.org/releases.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2009-0458.html
secalert@redhat.comhttp://secunia.com/advisories/34291Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34481Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34746Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34755Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34756Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34852Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34959Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34963Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/34991Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35037Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35064Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35065Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35618Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/35685
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1790
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1793
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/196617US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0429.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0430.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0431.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0480.html
secalert@redhat.comhttp://www.securityfocus.com/bid/34568
secalert@redhat.comhttp://www.securitytracker.com/id?1022073
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1065Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1066Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1076Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/1077Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1040Vendor Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=495887
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/releases.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2009-0458.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34291Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34481Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34746Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34755Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34756Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34959Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34963Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34991Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35064Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35618Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1790
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1793
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/196617US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0429.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0430.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0431.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0480.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34568
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022073
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1066Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1076Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1040Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=495887
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Impacted products
Vendor Product Version
foolabs xpdf 0.5a
foolabs xpdf 0.7a
foolabs xpdf 0.91a
foolabs xpdf 0.91b
foolabs xpdf 0.91c
foolabs xpdf 0.92a
foolabs xpdf 0.92b
foolabs xpdf 0.92c
foolabs xpdf 0.92d
foolabs xpdf 0.92e
foolabs xpdf 0.93a
foolabs xpdf 0.93b
foolabs xpdf 0.93c
foolabs xpdf 1.00a
glyphandcog xpdfreader *
glyphandcog xpdfreader 0.2
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 0.5
glyphandcog xpdfreader 0.6
glyphandcog xpdfreader 0.7
glyphandcog xpdfreader 0.80
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.91
glyphandcog xpdfreader 0.92
glyphandcog xpdfreader 0.93
glyphandcog xpdfreader 1.00
glyphandcog xpdfreader 1.01
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 2.01
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.03
glyphandcog xpdfreader 3.00
glyphandcog xpdfreader 3.01
poppler poppler *
poppler poppler 0.1
poppler poppler 0.1.1
poppler poppler 0.1.2
poppler poppler 0.2.0
poppler poppler 0.3.0
poppler poppler 0.3.1
poppler poppler 0.3.2
poppler poppler 0.3.3
poppler poppler 0.4.0
poppler poppler 0.4.1
poppler poppler 0.4.2
poppler poppler 0.4.3
poppler poppler 0.4.4
poppler poppler 0.5.0
poppler poppler 0.5.1
poppler poppler 0.5.2
poppler poppler 0.5.3
poppler poppler 0.5.4
poppler poppler 0.5.9
poppler poppler 0.5.90
poppler poppler 0.5.91
poppler poppler 0.6.0
poppler poppler 0.6.1
poppler poppler 0.6.2
poppler poppler 0.6.3
poppler poppler 0.6.4
poppler poppler 0.7.0
poppler poppler 0.7.1
poppler poppler 0.7.2
poppler poppler 0.7.3
poppler poppler 0.8.0
poppler poppler 0.8.1
poppler poppler 0.8.2
poppler poppler 0.8.3
poppler poppler 0.8.4
poppler poppler 0.8.5
poppler poppler 0.8.6
poppler poppler 0.8.7
poppler poppler 0.9.0
poppler poppler 0.9.1
poppler poppler 0.9.2
poppler poppler 0.9.3
poppler poppler 0.10.0
poppler poppler 0.10.1
poppler poppler 0.10.2
poppler poppler 0.10.3
poppler poppler 0.10.4
apple cups *
apple cups 1.1
apple cups 1.1.1
apple cups 1.1.2
apple cups 1.1.3
apple cups 1.1.4
apple cups 1.1.5
apple cups 1.1.5-1
apple cups 1.1.5-2
apple cups 1.1.6
apple cups 1.1.6-1
apple cups 1.1.6-2
apple cups 1.1.6-3
apple cups 1.1.7
apple cups 1.1.8
apple cups 1.1.9
apple cups 1.1.9-1
apple cups 1.1.10
apple cups 1.1.10-1
apple cups 1.1.11
apple cups 1.1.12
apple cups 1.1.13
apple cups 1.1.14
apple cups 1.1.15
apple cups 1.1.16
apple cups 1.1.17
apple cups 1.1.18
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.19
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.20
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.21
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.22
apple cups 1.1.23
apple cups 1.1.23
apple cups 1.2.0
apple cups 1.2.1
apple cups 1.2.2
apple cups 1.2.3
apple cups 1.2.4
apple cups 1.2.5
apple cups 1.2.6
apple cups 1.2.7
apple cups 1.2.8
apple cups 1.2.9
apple cups 1.2.10
apple cups 1.2.11
apple cups 1.2.12
apple cups 1.3.0
apple cups 1.3.1
apple cups 1.3.2
apple cups 1.3.3
apple cups 1.3.4
apple cups 1.3.5
apple cups 1.3.6
apple cups 1.3.7
apple cups 1.3.8
apple cups 1.3.10
apple cups 1.3.11



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
              "versionEndIncluding": "3.02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
              "versionEndIncluding": "0.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
              "versionEndIncluding": "1.3.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple \"input validation flaws\" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples \"Input validation flaws\" en el decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado"
    }
  ],
  "id": "CVE-2009-0800",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-23T17:30:01.717",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1022073"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/196617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://scary.beasts.org/security/CESA-2005-003.txtExploit
secalert@redhat.comhttp://secunia.com/advisories/18147
secalert@redhat.comhttp://secunia.com/advisories/18303Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18312Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18313Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18329Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18332Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18334Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18335Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18338Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18349Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18373
secalert@redhat.comhttp://secunia.com/advisories/18375Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18380
secalert@redhat.comhttp://secunia.com/advisories/18385Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18387Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18389Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18398Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18407Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18414
secalert@redhat.comhttp://secunia.com/advisories/18416Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18423Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18425
secalert@redhat.comhttp://secunia.com/advisories/18428
secalert@redhat.comhttp://secunia.com/advisories/18436
secalert@redhat.comhttp://secunia.com/advisories/18448Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18463
secalert@redhat.comhttp://secunia.com/advisories/18517Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18534Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18554Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18582Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18642Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18644Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18674Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18675Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18679Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18908Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18913
secalert@redhat.comhttp://secunia.com/advisories/19230
secalert@redhat.comhttp://secunia.com/advisories/19377
secalert@redhat.comhttp://secunia.com/advisories/25729
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-931
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-932
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-937
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-938
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-940
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-962
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
secalert@redhat.comhttp://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:003
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:004
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:005
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:006
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:008
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlPatch
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlPatch
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0163.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/16143Patch
secalert@redhat.comhttp://www.trustix.org/errata/2006/0002/
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/0047
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/2280
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24023
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575
secalert@redhat.comhttps://usn.ubuntu.com/236-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://scary.beasts.org/security/CESA-2005-003.txtExploit
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18303Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18312Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18313Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18329Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18332Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18334Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18335Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18338Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18349Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18373
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18375Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18414
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18423Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18425
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18448Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18463
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18517Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18554Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18642Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18644Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0163.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16143Patch
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2006/0002/
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0047
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24023
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/236-1/
Impacted products
Vendor Product Version
easy_software_products cups 1.1.22
easy_software_products cups 1.1.22_rc1
easy_software_products cups 1.1.23
easy_software_products cups 1.1.23_rc1
kde kdegraphics 3.2
kde kdegraphics 3.4.3
kde koffice 1.4
kde koffice 1.4.1
kde koffice 1.4.2
kde kpdf 3.2
kde kpdf 3.4.3
kde kword 1.4.2
libextractor libextractor *
poppler poppler 0.4.2
sgi propack 3.0
tetex tetex 1.0.7
tetex tetex 2.0
tetex tetex 2.0.1
tetex tetex 2.0.2
tetex tetex 3.0
xpdf xpdf 3.0
conectiva linux 10.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
gentoo linux *
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux_desktop 4.0
redhat fedora_core core_1.0
redhat fedora_core core_2.0
redhat fedora_core core_3.0
redhat fedora_core core_4.0
redhat linux 7.3
redhat linux 9.0
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
sco openserver 5.0.7
sco openserver 6.0
slackware slackware_linux 9.0
slackware slackware_linux 9.1
slackware slackware_linux 10.0
slackware slackware_linux 10.1
slackware slackware_linux 10.2
suse suse_linux 1.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 10.0
suse suse_linux 10.0
trustix secure_linux 2.0
trustix secure_linux 2.2
trustix secure_linux 3.0
turbolinux turbolinux 10
turbolinux turbolinux fuji
turbolinux turbolinux_appliance_server 1.0_hosting_edition
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
turbolinux turbolinux_desktop 10.0
turbolinux turbolinux_home *
turbolinux turbolinux_multimedia *
turbolinux turbolinux_personal *
turbolinux turbolinux_server 8.0
turbolinux turbolinux_server 10.0
turbolinux turbolinux_server 10.0_x86
turbolinux turbolinux_workstation 8.0
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
              "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
              "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
              "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
              "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
              "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
    }
  ],
  "id": "CVE-2005-3625",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/236-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/236-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
References
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706
secalert@redhat.comhttp://secunia.com/advisories/37054Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37114
secalert@redhat.comhttp://secunia.com/advisories/37159
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1941
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2009/12/01/1
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2009/12/01/5
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2009/12/01/6
secalert@redhat.comhttp://www.securityfocus.com/bid/36718
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-1
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-3
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2925Vendor Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=526924
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/53801
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37054Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37114
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37159
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1941
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/12/01/1
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/12/01/5
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/12/01/6
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/36718
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-3
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2925Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=526924
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/53801
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.  NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "la funci\u00f3n create_surface_from_thumbnail_data en glib/poppler-page.cc  en Poppler v0.x, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n  a trav\u00e9s de un documento PDF manipulado que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap). NOTA: algunos de los detalles han sido obtenidos a partir de informaci\u00f3n de terceros."
    }
  ],
  "id": "CVE-2009-3607",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-21T17:30:00.377",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37054"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1941"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/36718"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-3"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2925"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36718"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2925"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the version of poppler as shipped with Red Hat Enterprise Linux 5.",
      "lastModified": "2009-10-23T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
References
secalert@redhat.comftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patchExploit
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
secalert@redhat.comhttp://poppler.freedesktop.org/Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37023Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37028Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37034Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37037Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37043Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37051Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37054Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37061Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37077Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37079Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37114
secalert@redhat.comhttp://secunia.com/advisories/37159
secalert@redhat.comhttp://secunia.com/advisories/39327
secalert@redhat.comhttp://secunia.com/advisories/39938
secalert@redhat.comhttp://securitytracker.com/id?1023029
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2028
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2050
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:287
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:334
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:175
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2010-0755.html
secalert@redhat.comhttp://www.securityfocus.com/bid/36703Exploit, Patch
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-1
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-850-3
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2924Patch, Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2925Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2926Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/2928Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0802
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1220
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=526893Exploit, Patch
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/53800
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1500.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1501.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1502.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1503.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1504.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1512.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2009-1513.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patchExploit
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://poppler.freedesktop.org/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37023Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37028Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37034Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37037Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37043Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37051Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37054Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37061Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37079Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37114
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37159
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39327
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39938
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023029
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2028
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2050
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:287
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:334
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0755.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/36703Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-850-3
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2924Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2925Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2926Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2928Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0802
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1220
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=526893Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/53800
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1500.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1501.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1502.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1503.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1504.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1512.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1513.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CA37E-F28E-47E6-B77B-4CB0A859F831",
              "versionEndIncluding": "0.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:glyph_and_cog:pdftops:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1833267E-3B18-4CF8-B996-6226D5439F5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4A9A98B-5E37-4938-9506-927E0C8FACB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41EF2714-DEC9-407F-9D1B-EF2A4D8B4DC3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n ImageStream::ImageStream  en Stream.cc en Xpdf v3.02pl4 y Poppler v0.12.1, usado en GPdf, kdegraphics KPDF, y CUPS pdftops, permite a atacantes remotsos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un documento PDF manipulado que provoca un deferencia a puntero nulo o un desbordamiento de b\u00fafer fuera del l\u00edmite (over-read)."
    }
  ],
  "id": "CVE-2009-3609",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-10-21T17:30:00.453",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37023"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37028"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37034"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37037"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37043"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37051"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37054"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37061"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37079"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1023029"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/36703"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-850-3"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2924"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2925"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2926"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2928"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53800"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://poppler.freedesktop.org/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023029"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/36703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-850-3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2925"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0802"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-0165 (GCVE-0-2009-0165)
Vulnerability from cvelistv5
Published
2009-04-23 19:11
Modified
2024-08-07 04:24
Severity ?
CWE
  • n/a
Summary
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."
References
http://www.debian.org/security/2009/dsa-1793 vendor-advisory, x_refsource_DEBIAN
http://support.apple.com/kb/HT3639 x_refsource_CONFIRM
http://www.debian.org/security/2009/dsa-1790 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/35037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1621 vdb-entry, x_refsource_VUPEN
http://support.apple.com/kb/HT3549 x_refsource_CONFIRM
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 vendor-advisory, x_refsource_SLACKWARE
http://bugs.gentoo.org/show_bug.cgi?id=263028 x_refsource_CONFIRM
http://secunia.com/advisories/35074 third-party-advisory, x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html vendor-advisory, x_refsource_APPLE
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html vendor-advisory, x_refsource_APPLE
http://secunia.com/advisories/35065 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/34991 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html vendor-advisory, x_refsource_SUSE
http://www.us-cert.gov/cas/techalerts/TA09-133A.html third-party-advisory, x_refsource_CERT
http://secunia.com/advisories/35685 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1297 vdb-entry, x_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/50377 vdb-entry, x_refsource_XF
http://secunia.com/advisories/34852 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/34959 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:17.994Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1793",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1793"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3639"
          },
          {
            "name": "DSA-1790",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1790"
          },
          {
            "name": "35037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35037"
          },
          {
            "name": "ADV-2009-1621",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1621"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "name": "SSA:2009-129-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
          },
          {
            "name": "35074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "name": "APPLE-SA-2009-06-17-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "35065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35065"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "SUSE-SA:2009:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
          },
          {
            "name": "34991",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34991"
          },
          {
            "name": "MDVSA-2009:101",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
          },
          {
            "name": "SUSE-SR:2009:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
          },
          {
            "name": "TA09-133A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "ADV-2009-1297",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "multiple-jbig2-unspecified(50377)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50377"
          },
          {
            "name": "34852",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34852"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "34959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34959"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to \"g*allocn.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-1793",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1793"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3639"
        },
        {
          "name": "DSA-1790",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1790"
        },
        {
          "name": "35037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35037"
        },
        {
          "name": "ADV-2009-1621",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1621"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3549"
        },
        {
          "name": "SSA:2009-129-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
        },
        {
          "name": "35074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35074"
        },
        {
          "name": "APPLE-SA-2009-06-17-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
        },
        {
          "name": "35065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35065"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "SUSE-SA:2009:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
        },
        {
          "name": "34991",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34991"
        },
        {
          "name": "MDVSA-2009:101",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
        },
        {
          "name": "SUSE-SR:2009:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
        },
        {
          "name": "TA09-133A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "ADV-2009-1297",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1297"
        },
        {
          "name": "multiple-jbig2-unspecified(50377)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50377"
        },
        {
          "name": "34852",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34852"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "name": "34959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34959"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0165",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to \"g*allocn.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-1793",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1793"
            },
            {
              "name": "http://support.apple.com/kb/HT3639",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3639"
            },
            {
              "name": "DSA-1790",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1790"
            },
            {
              "name": "35037",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35037"
            },
            {
              "name": "ADV-2009-1621",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1621"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "SSA:2009-129-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=263028",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "APPLE-SA-2009-06-17-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "35065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35065"
            },
            {
              "name": "34568",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34568"
            },
            {
              "name": "SUSE-SA:2009:024",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
            },
            {
              "name": "34991",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34991"
            },
            {
              "name": "MDVSA-2009:101",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
            },
            {
              "name": "SUSE-SR:2009:010",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "35685",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35685"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "multiple-jbig2-unspecified(50377)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50377"
            },
            {
              "name": "34852",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34852"
            },
            {
              "name": "SUSE-SR:2009:012",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
            },
            {
              "name": "34959",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34959"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0165",
    "datePublished": "2009-04-23T19:11:00",
    "dateReserved": "2009-01-16T00:00:00",
    "dateUpdated": "2024-08-07T04:24:17.994Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0166 (GCVE-0-2009-0166)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:24
Severity ?
CWE
  • n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
References
http://www.debian.org/security/2009/dsa-1793 vendor-advisory, x_refsource_DEBIAN
http://security.gentoo.org/glsa/glsa-200904-20.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/34963 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1790 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/35037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1077 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/35064 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1066 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34481 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 vendor-advisory, x_refsource_SLACKWARE
http://www.redhat.com/support/errata/RHSA-2009-0431.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/1065 vdb-entry, x_refsource_VUPEN
http://wiki.rpath.com/Advisories:rPSA-2009-0061 x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2009-0430.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/35618 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/35065 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0480.html vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://www.securityfocus.com/archive/1/502750/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html vendor-advisory, x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2009-0458.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34991 third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=490625 x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/35685 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34756 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34291 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34755 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34852 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html vendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34959 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778 vdb-entry, signature, x_refsource_OVAL
http://www.redhat.com/support/errata/RHSA-2009-0429.html vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id?1022073 vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:18.237Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1793",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1793"
          },
          {
            "name": "GLSA-200904-20",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
          },
          {
            "name": "34963",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34963"
          },
          {
            "name": "DSA-1790",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1790"
          },
          {
            "name": "35037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35037"
          },
          {
            "name": "ADV-2009-1077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1077"
          },
          {
            "name": "35064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35064"
          },
          {
            "name": "ADV-2009-1066",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1066"
          },
          {
            "name": "34481",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34481"
          },
          {
            "name": "SSA:2009-129-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
          },
          {
            "name": "RHSA-2009:0431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
          },
          {
            "name": "ADV-2009-1065",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1065"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
          },
          {
            "name": "RHSA-2009:0430",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
          },
          {
            "name": "FEDORA-2009-6972",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
          },
          {
            "name": "35618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35618"
          },
          {
            "name": "35065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35065"
          },
          {
            "name": "RHSA-2009:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "20090417 rPSA-2009-0061-1 cups",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "SUSE-SA:2009:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
          },
          {
            "name": "RHSA-2009:0458",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
          },
          {
            "name": "FEDORA-2009-6982",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
          },
          {
            "name": "34991",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34991"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625"
          },
          {
            "name": "MDVSA-2009:101",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "SUSE-SR:2009:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "34756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34756"
          },
          {
            "name": "34291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34291"
          },
          {
            "name": "34755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34755"
          },
          {
            "name": "34852",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34852"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "FEDORA-2009-6973",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
          },
          {
            "name": "34959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34959"
          },
          {
            "name": "oval:org.mitre.oval:def:9778",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778"
          },
          {
            "name": "RHSA-2009:0429",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
          },
          {
            "name": "1022073",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022073"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-1793",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1793"
        },
        {
          "name": "GLSA-200904-20",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
        },
        {
          "name": "34963",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34963"
        },
        {
          "name": "DSA-1790",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1790"
        },
        {
          "name": "35037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35037"
        },
        {
          "name": "ADV-2009-1077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1077"
        },
        {
          "name": "35064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35064"
        },
        {
          "name": "ADV-2009-1066",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1066"
        },
        {
          "name": "34481",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34481"
        },
        {
          "name": "SSA:2009-129-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
        },
        {
          "name": "RHSA-2009:0431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
        },
        {
          "name": "ADV-2009-1065",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1065"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
        },
        {
          "name": "RHSA-2009:0430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
        },
        {
          "name": "FEDORA-2009-6972",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
        },
        {
          "name": "35618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35618"
        },
        {
          "name": "35065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35065"
        },
        {
          "name": "RHSA-2009:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "20090417 rPSA-2009-0061-1 cups",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "SUSE-SA:2009:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
        },
        {
          "name": "RHSA-2009:0458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
        },
        {
          "name": "FEDORA-2009-6982",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
        },
        {
          "name": "34991",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34991"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625"
        },
        {
          "name": "MDVSA-2009:101",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "SUSE-SR:2009:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "34756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34756"
        },
        {
          "name": "34291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34291"
        },
        {
          "name": "34755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34755"
        },
        {
          "name": "34852",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34852"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "name": "FEDORA-2009-6973",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
        },
        {
          "name": "34959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34959"
        },
        {
          "name": "oval:org.mitre.oval:def:9778",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778"
        },
        {
          "name": "RHSA-2009:0429",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
        },
        {
          "name": "1022073",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022073"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0166",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-1793",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1793"
            },
            {
              "name": "GLSA-200904-20",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
            },
            {
              "name": "34963",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34963"
            },
            {
              "name": "DSA-1790",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1790"
            },
            {
              "name": "35037",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35037"
            },
            {
              "name": "ADV-2009-1077",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1077"
            },
            {
              "name": "35064",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35064"
            },
            {
              "name": "ADV-2009-1066",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1066"
            },
            {
              "name": "34481",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34481"
            },
            {
              "name": "SSA:2009-129-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
            },
            {
              "name": "RHSA-2009:0431",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
            },
            {
              "name": "ADV-2009-1065",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1065"
            },
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0061",
              "refsource": "CONFIRM",
              "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
            },
            {
              "name": "RHSA-2009:0430",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
            },
            {
              "name": "FEDORA-2009-6972",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
            },
            {
              "name": "35618",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35618"
            },
            {
              "name": "35065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35065"
            },
            {
              "name": "RHSA-2009:0480",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
            },
            {
              "name": "34568",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34568"
            },
            {
              "name": "20090417 rPSA-2009-0061-1 cups",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
            },
            {
              "name": "ADV-2010-1040",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1040"
            },
            {
              "name": "SUSE-SA:2009:024",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
            },
            {
              "name": "RHSA-2009:0458",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
            },
            {
              "name": "FEDORA-2009-6982",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
            },
            {
              "name": "34991",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34991"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=490625",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625"
            },
            {
              "name": "MDVSA-2009:101",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
            },
            {
              "name": "MDVSA-2010:087",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
            },
            {
              "name": "SUSE-SR:2009:010",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
            },
            {
              "name": "35685",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35685"
            },
            {
              "name": "34756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34756"
            },
            {
              "name": "34291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34291"
            },
            {
              "name": "34755",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34755"
            },
            {
              "name": "34852",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34852"
            },
            {
              "name": "SUSE-SR:2009:012",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
            },
            {
              "name": "FEDORA-2009-6973",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
            },
            {
              "name": "34959",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34959"
            },
            {
              "name": "oval:org.mitre.oval:def:9778",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778"
            },
            {
              "name": "RHSA-2009:0429",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
            },
            {
              "name": "1022073",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022073"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0166",
    "datePublished": "2009-04-23T17:00:00",
    "dateReserved": "2009-01-16T00:00:00",
    "dateUpdated": "2024-08-07T04:24:18.237Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-2820 (GCVE-0-2017-2820)
Vulnerability from cvelistv5
Published
2017-07-12 17:00
Modified
2024-09-16 17:57
CWE
  • heap overflow
Summary
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.
References
Impacted products
Vendor Product Version
Poppler Poppler Version: 0.53
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.712Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99497",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99497"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Poppler",
          "vendor": "Poppler",
          "versions": [
            {
              "status": "affected",
              "version": "0.53"
            }
          ]
        }
      ],
      "datePublic": "2017-07-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "heap overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T18:22:50",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "99497",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99497"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "DATE_PUBLIC": "2017-07-11T00:00:00",
          "ID": "CVE-2017-2820",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Poppler",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.53"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Poppler"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 8.8,
            "baseSeverity": "High",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "heap overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99497",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99497"
            },
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321",
              "refsource": "MISC",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2017-2820",
    "datePublished": "2017-07-12T17:00:00Z",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-09-16T17:57:59.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-2950 (GCVE-0-2008-2950)
Vulnerability from cvelistv5
Published
2008-07-07 23:00
Modified
2024-08-07 09:21
Severity ?
CWE
  • n/a
Summary
The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.
References
http://wiki.rpath.com/Advisories:rPSA-2008-0223 x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/494142/100/0/threaded mailing-list, x_refsource_BUGTRAQ
https://www.exploit-db.com/exploits/6032 exploit, x_refsource_EXPLOIT-DB
http://secunia.com/advisories/30963 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html vendor-advisory, x_refsource_SUSE
http://www.vupen.com/english/advisories/2008/2024/references vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/31002 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/30107 vdb-entry, x_refsource_BID
http://security.gentoo.org/glsa/glsa-200807-04.xml vendor-advisory, x_refsource_GENTOO
http://www.ocert.org/advisories/ocert-2008-007.html x_refsource_MISC
http://secunia.com/advisories/31267 third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-631-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/31405 third-party-advisory, x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html vendor-advisory, x_refsource_FEDORA
https://exchange.xforce.ibmcloud.com/vulnerabilities/43619 vdb-entry, x_refsource_XF
http://www.mandriva.com/security/advisories?name=MDVSA-2008:146 vendor-advisory, x_refsource_MANDRIVA
http://securityreason.com/securityalert/3977 third-party-advisory, x_refsource_SREASON
http://www.securitytracker.com/id?1020435 vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/archive/1/493980/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/31167 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:21:34.456Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223"
          },
          {
            "name": "20080709 rPSA-2008-0223-1 poppler",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded"
          },
          {
            "name": "6032",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/6032"
          },
          {
            "name": "30963",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30963"
          },
          {
            "name": "SUSE-SR:2008:015",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html"
          },
          {
            "name": "ADV-2008-2024",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2024/references"
          },
          {
            "name": "31002",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31002"
          },
          {
            "name": "30107",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30107"
          },
          {
            "name": "GLSA-200807-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ocert.org/advisories/ocert-2008-007.html"
          },
          {
            "name": "31267",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31267"
          },
          {
            "name": "USN-631-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-631-1"
          },
          {
            "name": "31405",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31405"
          },
          {
            "name": "FEDORA-2008-7104",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html"
          },
          {
            "name": "poppler-page-destructor-code-execution(43619)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619"
          },
          {
            "name": "MDVSA-2008:146",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146"
          },
          {
            "name": "3977",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3977"
          },
          {
            "name": "1020435",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020435"
          },
          {
            "name": "20080707 [oCERT-2008-007] libpoppler uninitialized pointer",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded"
          },
          {
            "name": "31167",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31167"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-07-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223"
        },
        {
          "name": "20080709 rPSA-2008-0223-1 poppler",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded"
        },
        {
          "name": "6032",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/6032"
        },
        {
          "name": "30963",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30963"
        },
        {
          "name": "SUSE-SR:2008:015",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html"
        },
        {
          "name": "ADV-2008-2024",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2024/references"
        },
        {
          "name": "31002",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31002"
        },
        {
          "name": "30107",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30107"
        },
        {
          "name": "GLSA-200807-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ocert.org/advisories/ocert-2008-007.html"
        },
        {
          "name": "31267",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31267"
        },
        {
          "name": "USN-631-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-631-1"
        },
        {
          "name": "31405",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31405"
        },
        {
          "name": "FEDORA-2008-7104",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html"
        },
        {
          "name": "poppler-page-destructor-code-execution(43619)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619"
        },
        {
          "name": "MDVSA-2008:146",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146"
        },
        {
          "name": "3977",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3977"
        },
        {
          "name": "1020435",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020435"
        },
        {
          "name": "20080707 [oCERT-2008-007] libpoppler uninitialized pointer",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded"
        },
        {
          "name": "31167",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31167"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2950",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0223",
              "refsource": "CONFIRM",
              "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223"
            },
            {
              "name": "20080709 rPSA-2008-0223-1 poppler",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded"
            },
            {
              "name": "6032",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/6032"
            },
            {
              "name": "30963",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30963"
            },
            {
              "name": "SUSE-SR:2008:015",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html"
            },
            {
              "name": "ADV-2008-2024",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2024/references"
            },
            {
              "name": "31002",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31002"
            },
            {
              "name": "30107",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/30107"
            },
            {
              "name": "GLSA-200807-04",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml"
            },
            {
              "name": "http://www.ocert.org/advisories/ocert-2008-007.html",
              "refsource": "MISC",
              "url": "http://www.ocert.org/advisories/ocert-2008-007.html"
            },
            {
              "name": "31267",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31267"
            },
            {
              "name": "USN-631-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-631-1"
            },
            {
              "name": "31405",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31405"
            },
            {
              "name": "FEDORA-2008-7104",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html"
            },
            {
              "name": "poppler-page-destructor-code-execution(43619)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619"
            },
            {
              "name": "MDVSA-2008:146",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146"
            },
            {
              "name": "3977",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3977"
            },
            {
              "name": "1020435",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020435"
            },
            {
              "name": "20080707 [oCERT-2008-007] libpoppler uninitialized pointer",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded"
            },
            {
              "name": "31167",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31167"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-2950",
    "datePublished": "2008-07-07T23:00:00",
    "dateReserved": "2008-06-30T00:00:00",
    "dateUpdated": "2024-08-07T09:21:34.456Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-2814 (GCVE-0-2017-2814)
Vulnerability from cvelistv5
Published
2017-07-12 17:00
Modified
2024-09-16 19:15
CWE
  • heap overflow
Summary
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability.
References
Impacted products
Vendor Product Version
Poppler Poppler Version: 0.53.0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.754Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99497",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99497"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0311"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Poppler",
          "vendor": "Poppler",
          "versions": [
            {
              "status": "affected",
              "version": "0.53.0"
            }
          ]
        }
      ],
      "datePublic": "2017-07-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "heap overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T18:22:42",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "99497",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99497"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0311"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "DATE_PUBLIC": "2017-07-11T00:00:00",
          "ID": "CVE-2017-2814",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Poppler",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.53.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Poppler"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 7.5,
            "baseSeverity": "High",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "heap overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99497",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99497"
            },
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0311",
              "refsource": "MISC",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0311"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2017-2814",
    "datePublished": "2017-07-12T17:00:00Z",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-09-16T19:15:46.393Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3625 (GCVE-0-2005-3625)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
CWE
  • n/a
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
http://www.securityfocus.com/bid/16143 vdb-entry, x_refsource_BID
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18349 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/18147 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://scary.beasts.org/security/CESA-2005-003.txt x_refsource_MISC
http://www.kde.org/info/security/advisory-20051207-2.txt x_refsource_CONFIRM
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18312 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18644 third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/236-1/ vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/18425 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18373 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18303 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18554 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2006-0163.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.trustix.org/errata/2006/0002/ vendor-advisory, x_refsource_TRUSTIX
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18329 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18463 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18642 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18313 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U vendor-advisory, x_refsource_SGI
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/18448 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18436 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18428 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18423 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0177.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18335 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18332 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18517 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
https://exchange.xforce.ibmcloud.com/vulnerabilities/24023 vdb-entry, x_refsource_XF
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html x_refsource_CONFIRM
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18414 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18338 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 vendor-advisory, x_refsource_MANDRIVA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://www.debian.org/security/2005/dsa-940 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2006/0047 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-938 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18334 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18375 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16143"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "oval:org.mitre.oval:def:9575",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18312"
          },
          {
            "name": "18644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18644"
          },
          {
            "name": "USN-236-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/236-1/"
          },
          {
            "name": "18425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18425"
          },
          {
            "name": "18373",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18373"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
          },
          {
            "name": "RHSA-2006:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "2006-0002",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0002/"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "FEDORA-2005-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
          },
          {
            "name": "18329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18329"
          },
          {
            "name": "18463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18463"
          },
          {
            "name": "18642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18642"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18423"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "RHSA-2006:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "18335",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18335"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18332"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "18414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18414"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "18338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18338"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2006-0047",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0047"
          },
          {
            "name": "GLSA-200601-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FEDORA-2005-025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "18334",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18334"
          },
          {
            "name": "18375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18375"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "16143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16143"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "oval:org.mitre.oval:def:9575",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18312"
        },
        {
          "name": "18644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18644"
        },
        {
          "name": "USN-236-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/236-1/"
        },
        {
          "name": "18425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18425"
        },
        {
          "name": "18373",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18373"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
        },
        {
          "name": "RHSA-2006:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "2006-0002",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0002/"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "FEDORA-2005-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
        },
        {
          "name": "18329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18329"
        },
        {
          "name": "18463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18463"
        },
        {
          "name": "18642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18642"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18423"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "RHSA-2006:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "18335",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18335"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18332"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "18414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18414"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "18338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18338"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2006-0047",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0047"
        },
        {
          "name": "GLSA-200601-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FEDORA-2005-025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "18334",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18334"
        },
        {
          "name": "18375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18375"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3625",
    "datePublished": "2006-01-06T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.366Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1180 (GCVE-0-2009-1180)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
References
http://www.debian.org/security/2009/dsa-1793 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/34963 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1790 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/35037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1077 vdb-entry, x_refsource_VUPEN
https://bugzilla.redhat.com/show_bug.cgi?id=495892 x_refsource_CONFIRM
http://secunia.com/advisories/35064 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1066 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34481 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926 vdb-entry, signature, x_refsource_OVAL
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 vendor-advisory, x_refsource_SLACKWARE
http://www.redhat.com/support/errata/RHSA-2009-0431.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/1065 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2009-0430.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/35618 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/35065 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0480.html vendor-advisory, x_refsource_REDHAT
http://poppler.freedesktop.org/releases.html x_refsource_CONFIRM
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.kb.cert.org/vuls/id/196617 third-party-advisory, x_refsource_CERT-VN
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html vendor-advisory, x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2009-0458.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34991 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/35685 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1076 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34756 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34291 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34755 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34852 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html vendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34959 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34746 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0429.html vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id?1022073 vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.251Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1793",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1793"
          },
          {
            "name": "34963",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34963"
          },
          {
            "name": "DSA-1790",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1790"
          },
          {
            "name": "35037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35037"
          },
          {
            "name": "ADV-2009-1077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1077"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892"
          },
          {
            "name": "35064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35064"
          },
          {
            "name": "ADV-2009-1066",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1066"
          },
          {
            "name": "34481",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34481"
          },
          {
            "name": "oval:org.mitre.oval:def:9926",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926"
          },
          {
            "name": "SSA:2009-129-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
          },
          {
            "name": "RHSA-2009:0431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
          },
          {
            "name": "ADV-2009-1065",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1065"
          },
          {
            "name": "RHSA-2009:0430",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
          },
          {
            "name": "FEDORA-2009-6972",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
          },
          {
            "name": "35618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35618"
          },
          {
            "name": "35065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35065"
          },
          {
            "name": "RHSA-2009:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/releases.html"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "VU#196617",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/196617"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "SUSE-SA:2009:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
          },
          {
            "name": "RHSA-2009:0458",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
          },
          {
            "name": "FEDORA-2009-6982",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
          },
          {
            "name": "34991",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34991"
          },
          {
            "name": "MDVSA-2009:101",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "SUSE-SR:2009:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "ADV-2009-1076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1076"
          },
          {
            "name": "34756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34756"
          },
          {
            "name": "34291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34291"
          },
          {
            "name": "34755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34755"
          },
          {
            "name": "34852",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34852"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "FEDORA-2009-6973",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
          },
          {
            "name": "34959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34959"
          },
          {
            "name": "34746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34746"
          },
          {
            "name": "RHSA-2009:0429",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
          },
          {
            "name": "1022073",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022073"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-1793",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1793"
        },
        {
          "name": "34963",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34963"
        },
        {
          "name": "DSA-1790",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1790"
        },
        {
          "name": "35037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35037"
        },
        {
          "name": "ADV-2009-1077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1077"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892"
        },
        {
          "name": "35064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35064"
        },
        {
          "name": "ADV-2009-1066",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1066"
        },
        {
          "name": "34481",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34481"
        },
        {
          "name": "oval:org.mitre.oval:def:9926",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926"
        },
        {
          "name": "SSA:2009-129-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
        },
        {
          "name": "RHSA-2009:0431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
        },
        {
          "name": "ADV-2009-1065",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1065"
        },
        {
          "name": "RHSA-2009:0430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
        },
        {
          "name": "FEDORA-2009-6972",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
        },
        {
          "name": "35618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35618"
        },
        {
          "name": "35065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35065"
        },
        {
          "name": "RHSA-2009:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/releases.html"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "VU#196617",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/196617"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "SUSE-SA:2009:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
        },
        {
          "name": "RHSA-2009:0458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
        },
        {
          "name": "FEDORA-2009-6982",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
        },
        {
          "name": "34991",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34991"
        },
        {
          "name": "MDVSA-2009:101",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "SUSE-SR:2009:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "ADV-2009-1076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1076"
        },
        {
          "name": "34756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34756"
        },
        {
          "name": "34291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34291"
        },
        {
          "name": "34755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34755"
        },
        {
          "name": "34852",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34852"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "name": "FEDORA-2009-6973",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
        },
        {
          "name": "34959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34959"
        },
        {
          "name": "34746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34746"
        },
        {
          "name": "RHSA-2009:0429",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
        },
        {
          "name": "1022073",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022073"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-1180",
    "datePublished": "2009-04-23T17:00:00",
    "dateReserved": "2009-03-31T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.251Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1181 (GCVE-0-2009-1181)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
References
http://www.debian.org/security/2009/dsa-1793 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/34963 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1790 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/35037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1077 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/35064 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1066 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34481 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 vendor-advisory, x_refsource_SLACKWARE
http://www.securitytracker.com/id?1022072 vdb-entry, x_refsource_SECTRACK
http://www.redhat.com/support/errata/RHSA-2009-0431.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/1065 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2009-0430.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/35618 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/35065 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0480.html vendor-advisory, x_refsource_REDHAT
http://poppler.freedesktop.org/releases.html x_refsource_CONFIRM
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.kb.cert.org/vuls/id/196617 third-party-advisory, x_refsource_CERT-VN
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html vendor-advisory, x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2009-0458.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34991 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 vendor-advisory, x_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683 vdb-entry, signature, x_refsource_OVAL
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/35685 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1076 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34756 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34291 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34755 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34852 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html vendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34959 third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=495894 x_refsource_CONFIRM
http://secunia.com/advisories/34746 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0429.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.236Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1793",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1793"
          },
          {
            "name": "34963",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34963"
          },
          {
            "name": "DSA-1790",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1790"
          },
          {
            "name": "35037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35037"
          },
          {
            "name": "ADV-2009-1077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1077"
          },
          {
            "name": "35064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35064"
          },
          {
            "name": "ADV-2009-1066",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1066"
          },
          {
            "name": "34481",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34481"
          },
          {
            "name": "SSA:2009-129-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
          },
          {
            "name": "1022072",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022072"
          },
          {
            "name": "RHSA-2009:0431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
          },
          {
            "name": "ADV-2009-1065",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1065"
          },
          {
            "name": "RHSA-2009:0430",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
          },
          {
            "name": "FEDORA-2009-6972",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
          },
          {
            "name": "35618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35618"
          },
          {
            "name": "35065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35065"
          },
          {
            "name": "RHSA-2009:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/releases.html"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "VU#196617",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/196617"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "SUSE-SA:2009:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
          },
          {
            "name": "RHSA-2009:0458",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
          },
          {
            "name": "FEDORA-2009-6982",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
          },
          {
            "name": "34991",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34991"
          },
          {
            "name": "MDVSA-2009:101",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
          },
          {
            "name": "oval:org.mitre.oval:def:9683",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "SUSE-SR:2009:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "ADV-2009-1076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1076"
          },
          {
            "name": "34756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34756"
          },
          {
            "name": "34291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34291"
          },
          {
            "name": "34755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34755"
          },
          {
            "name": "34852",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34852"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "FEDORA-2009-6973",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
          },
          {
            "name": "34959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34959"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894"
          },
          {
            "name": "34746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34746"
          },
          {
            "name": "RHSA-2009:0429",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-1793",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1793"
        },
        {
          "name": "34963",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34963"
        },
        {
          "name": "DSA-1790",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1790"
        },
        {
          "name": "35037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35037"
        },
        {
          "name": "ADV-2009-1077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1077"
        },
        {
          "name": "35064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35064"
        },
        {
          "name": "ADV-2009-1066",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1066"
        },
        {
          "name": "34481",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34481"
        },
        {
          "name": "SSA:2009-129-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
        },
        {
          "name": "1022072",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022072"
        },
        {
          "name": "RHSA-2009:0431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
        },
        {
          "name": "ADV-2009-1065",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1065"
        },
        {
          "name": "RHSA-2009:0430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
        },
        {
          "name": "FEDORA-2009-6972",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
        },
        {
          "name": "35618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35618"
        },
        {
          "name": "35065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35065"
        },
        {
          "name": "RHSA-2009:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/releases.html"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "VU#196617",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/196617"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "SUSE-SA:2009:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
        },
        {
          "name": "RHSA-2009:0458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
        },
        {
          "name": "FEDORA-2009-6982",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
        },
        {
          "name": "34991",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34991"
        },
        {
          "name": "MDVSA-2009:101",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
        },
        {
          "name": "oval:org.mitre.oval:def:9683",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "SUSE-SR:2009:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "ADV-2009-1076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1076"
        },
        {
          "name": "34756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34756"
        },
        {
          "name": "34291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34291"
        },
        {
          "name": "34755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34755"
        },
        {
          "name": "34852",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34852"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "name": "FEDORA-2009-6973",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
        },
        {
          "name": "34959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34959"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894"
        },
        {
          "name": "34746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34746"
        },
        {
          "name": "RHSA-2009:0429",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-1181",
    "datePublished": "2009-04-23T17:00:00",
    "dateReserved": "2009-03-31T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.236Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-4654 (GCVE-0-2010-4654)
Vulnerability from cvelistv5
Published
2019-11-13 19:41
Modified
2024-08-07 03:51
Severity ?
CWE
  • Other
Summary
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.
Impacted products
Vendor Product Version
poppler poppler Version: before 0.16.3
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:51:18.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2010-4654"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4654"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2010-4654"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "poppler",
          "vendor": "poppler",
          "versions": [
            {
              "status": "affected",
              "version": "before 0.16.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-13T19:41:43",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2010-4654"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4654"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/cve/cve-2010-4654"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-4654",
    "datePublished": "2019-11-13T19:41:43",
    "dateReserved": "2011-01-03T00:00:00",
    "dateUpdated": "2024-08-07T03:51:18.054Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3604 (GCVE-0-2009-3604)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
CWE
  • n/a
Summary
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.
References
http://secunia.com/advisories/39938 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37042 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2009:287 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/37028 third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html vendor-advisory, x_refsource_FEDORA
http://site.pi3.com.pl/adv/xpdf.txt x_refsource_MISC
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html vendor-advisory, x_refsource_FEDORA
https://rhn.redhat.com/errata/RHSA-2009-1501.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/37079 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html vendor-advisory, x_refsource_SUSE
https://exchange.xforce.ibmcloud.com/vulnerabilities/53795 vdb-entry, x_refsource_XF
http://www.debian.org/security/2010/dsa-2028 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2010/dsa-2050 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/37159 third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html vendor-advisory, x_refsource_FEDORA
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1 vendor-advisory, x_refsource_SUNALERT
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html vendor-advisory, x_refsource_FEDORA
https://rhn.redhat.com/errata/RHSA-2009-1512.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/37114 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37077 third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1023029 vdb-entry, x_refsource_SECTRACK
https://rhn.redhat.com/errata/RHSA-2009-1503.html vendor-advisory, x_refsource_REDHAT
http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2 x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/37037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://www.ubuntu.com/usn/USN-850-3 vendor-advisory, x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2010/0802 vdb-entry, x_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2009-1502.html vendor-advisory, x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html vendor-advisory, x_refsource_FEDORA
http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2 x_refsource_CONFIRM
https://rhn.redhat.com/errata/RHSA-2009-1500.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/2928 vdb-entry, x_refsource_VUPEN
https://bugzilla.redhat.com/show_bug.cgi?id=526911 x_refsource_CONFIRM
http://secunia.com/advisories/37023 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/2924 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1 vendor-advisory, x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2010/1220 vdb-entry, x_refsource_VUPEN
http://www.ubuntu.com/usn/USN-850-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/37053 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/39327 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37043 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/36703 vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "39938",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39938"
          },
          {
            "name": "37042",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37042"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
          },
          {
            "name": "MDVSA-2009:287",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
          },
          {
            "name": "37028",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37028"
          },
          {
            "name": "FEDORA-2010-1377",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://site.pi3.com.pl/adv/xpdf.txt"
          },
          {
            "name": "FEDORA-2009-10823",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
          },
          {
            "name": "RHSA-2009:1501",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
          },
          {
            "name": "37079",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37079"
          },
          {
            "name": "SUSE-SR:2009:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
          },
          {
            "name": "xpdf-splashdrawimage-bo(53795)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795"
          },
          {
            "name": "DSA-2028",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2028"
          },
          {
            "name": "DSA-2050",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2050"
          },
          {
            "name": "37159",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37159"
          },
          {
            "name": "FEDORA-2010-1805",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
          },
          {
            "name": "1021706",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
          },
          {
            "name": "FEDORA-2009-10845",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
          },
          {
            "name": "RHSA-2009:1512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
          },
          {
            "name": "37114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37114"
          },
          {
            "name": "37077",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37077"
          },
          {
            "name": "1023029",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023029"
          },
          {
            "name": "RHSA-2009:1503",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996\u0026id2=75c3466ba2"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "oval:org.mitre.oval:def:10969",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969"
          },
          {
            "name": "37037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37037"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "USN-850-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-3"
          },
          {
            "name": "ADV-2010-0802",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0802"
          },
          {
            "name": "RHSA-2009:1502",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
          },
          {
            "name": "FEDORA-2010-1842",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2"
          },
          {
            "name": "RHSA-2009:1500",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
          },
          {
            "name": "ADV-2009-2928",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2928"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911"
          },
          {
            "name": "37023",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37023"
          },
          {
            "name": "ADV-2009-2924",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2924"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "274030",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
          },
          {
            "name": "ADV-2010-1220",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1220"
          },
          {
            "name": "USN-850-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-1"
          },
          {
            "name": "37053",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37053"
          },
          {
            "name": "39327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39327"
          },
          {
            "name": "37043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37043"
          },
          {
            "name": "36703",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36703"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "39938",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39938"
        },
        {
          "name": "37042",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37042"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
        },
        {
          "name": "MDVSA-2009:287",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
        },
        {
          "name": "37028",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37028"
        },
        {
          "name": "FEDORA-2010-1377",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://site.pi3.com.pl/adv/xpdf.txt"
        },
        {
          "name": "FEDORA-2009-10823",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
        },
        {
          "name": "RHSA-2009:1501",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
        },
        {
          "name": "37079",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37079"
        },
        {
          "name": "SUSE-SR:2009:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
        },
        {
          "name": "xpdf-splashdrawimage-bo(53795)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795"
        },
        {
          "name": "DSA-2028",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2028"
        },
        {
          "name": "DSA-2050",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2050"
        },
        {
          "name": "37159",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37159"
        },
        {
          "name": "FEDORA-2010-1805",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
        },
        {
          "name": "1021706",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
        },
        {
          "name": "FEDORA-2009-10845",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
        },
        {
          "name": "RHSA-2009:1512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
        },
        {
          "name": "37114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37114"
        },
        {
          "name": "37077",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37077"
        },
        {
          "name": "1023029",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023029"
        },
        {
          "name": "RHSA-2009:1503",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996\u0026id2=75c3466ba2"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "oval:org.mitre.oval:def:10969",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969"
        },
        {
          "name": "37037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37037"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "USN-850-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-3"
        },
        {
          "name": "ADV-2010-0802",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0802"
        },
        {
          "name": "RHSA-2009:1502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
        },
        {
          "name": "FEDORA-2010-1842",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2"
        },
        {
          "name": "RHSA-2009:1500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
        },
        {
          "name": "ADV-2009-2928",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2928"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911"
        },
        {
          "name": "37023",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37023"
        },
        {
          "name": "ADV-2009-2924",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2924"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "274030",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
        },
        {
          "name": "ADV-2010-1220",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1220"
        },
        {
          "name": "USN-850-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-1"
        },
        {
          "name": "37053",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37053"
        },
        {
          "name": "39327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39327"
        },
        {
          "name": "37043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37043"
        },
        {
          "name": "36703",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36703"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-3604",
    "datePublished": "2009-10-21T17:00:00",
    "dateReserved": "2009-10-09T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3938 (GCVE-0-2009-3938)
Vulnerability from cvelistv5
Published
2009-11-13 16:00
Modified
2024-08-07 06:45
Severity ?
CWE
  • n/a
Summary
Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:45:50.643Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1941",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1941"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "36976",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36976"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680"
          },
          {
            "name": "poppler-abwoutputdev-bo(54215)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215"
          },
          {
            "name": "37333",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37333"
          },
          {
            "name": "ADV-2009-3227",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3227"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-06-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-1941",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1941"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "36976",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36976"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680"
        },
        {
          "name": "poppler-abwoutputdev-bo(54215)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215"
        },
        {
          "name": "37333",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37333"
        },
        {
          "name": "ADV-2009-3227",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3227"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3938",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-1941",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1941"
            },
            {
              "name": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit",
              "refsource": "MISC",
              "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit"
            },
            {
              "name": "MDVSA-2011:175",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
            },
            {
              "name": "36976",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36976"
            },
            {
              "name": "http://bugs.freedesktop.org/show_bug.cgi?id=23074",
              "refsource": "CONFIRM",
              "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680"
            },
            {
              "name": "poppler-abwoutputdev-bo(54215)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215"
            },
            {
              "name": "37333",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37333"
            },
            {
              "name": "ADV-2009-3227",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3227"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3938",
    "datePublished": "2009-11-13T16:00:00",
    "dateReserved": "2009-11-13T00:00:00",
    "dateUpdated": "2024-08-07T06:45:50.643Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0756 (GCVE-0-2009-0756)
Vulnerability from cvelistv5
Published
2009-03-03 16:00
Modified
2024-08-07 04:48
Severity ?
CWE
  • n/a
Summary
The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:48:51.602Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33749",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33749"
          },
          {
            "name": "33853",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33853"
          },
          {
            "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2"
          },
          {
            "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "20090417 rPSA-2009-0059-1 poppler",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
          },
          {
            "name": "[poppler] 20090123 poppler/JBIG2Stream.cc",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "33749",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33749"
        },
        {
          "name": "33853",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33853"
        },
        {
          "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2"
        },
        {
          "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "20090417 rPSA-2009-0059-1 poppler",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
        },
        {
          "name": "[poppler] 20090123 poppler/JBIG2Stream.cc",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0756",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33749",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33749"
            },
            {
              "name": "33853",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33853"
            },
            {
              "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2"
            },
            {
              "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1"
            },
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0059",
              "refsource": "CONFIRM",
              "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
            },
            {
              "name": "35685",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35685"
            },
            {
              "name": "20090417 rPSA-2009-0059-1 poppler",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
            },
            {
              "name": "[poppler] 20090123 poppler/JBIG2Stream.cc",
              "refsource": "MLIST",
              "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html"
            },
            {
              "name": "SUSE-SR:2009:012",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
            },
            {
              "name": "http://bugs.freedesktop.org/show_bug.cgi?id=19702",
              "refsource": "CONFIRM",
              "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0756",
    "datePublished": "2009-03-03T16:00:00",
    "dateReserved": "2009-03-03T00:00:00",
    "dateUpdated": "2024-08-07T04:48:51.602Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3605 (GCVE-0-2009-3605)
Vulnerability from cvelistv5
Published
2009-11-02 15:00
Modified
2024-08-07 06:31
Severity ?
CWE
  • n/a
Summary
Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.
References
https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html vendor-advisory, x_refsource_SUSE
http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8 x_refsource_CONFIRM
http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1 vendor-advisory, x_refsource_SUNALERT
http://secunia.com/advisories/37114 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731 vdb-entry, signature, x_refsource_OVAL
https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1 vendor-advisory, x_refsource_SUNALERT
http://www.ubuntu.com/usn/USN-850-1 vendor-advisory, x_refsource_UBUNTU
https://bugs.launchpad.net/bugs/cve/2009-3605 x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2009:334 vendor-advisory, x_refsource_MANDRIVA
https://bugzilla.redhat.com/show_bug.cgi?id=491840 x_refsource_CONFIRM
http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5 x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.587Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz"
          },
          {
            "name": "SUSE-SR:2009:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a"
          },
          {
            "name": "1021706",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
          },
          {
            "name": "37114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37114"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "oval:org.mitre.oval:def:7731",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz"
          },
          {
            "name": "274030",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
          },
          {
            "name": "USN-850-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/bugs/cve/2009-3605"
          },
          {
            "name": "MDVSA-2009:334",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/.  NOTE: this may overlap CVE-2009-0791."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz"
        },
        {
          "name": "SUSE-SR:2009:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a"
        },
        {
          "name": "1021706",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
        },
        {
          "name": "37114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37114"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "oval:org.mitre.oval:def:7731",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz"
        },
        {
          "name": "274030",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
        },
        {
          "name": "USN-850-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/bugs/cve/2009-3605"
        },
        {
          "name": "MDVSA-2009:334",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-3605",
    "datePublished": "2009-11-02T15:00:00",
    "dateReserved": "2009-10-09T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0799 (GCVE-0-2009-0799)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:48
Severity ?
CWE
  • n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204 vdb-entry, signature, x_refsource_OVAL
http://www.debian.org/security/2009/dsa-1793 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/34963 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1790 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/35037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1077 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/35064 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1066 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34481 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 vendor-advisory, x_refsource_SLACKWARE
http://www.securitytracker.com/id?1022072 vdb-entry, x_refsource_SECTRACK
http://www.redhat.com/support/errata/RHSA-2009-0431.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/1065 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2009-0430.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/35618 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/35065 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0480.html vendor-advisory, x_refsource_REDHAT
http://poppler.freedesktop.org/releases.html x_refsource_CONFIRM
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.kb.cert.org/vuls/id/196617 third-party-advisory, x_refsource_CERT-VN
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html vendor-advisory, x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2009-0458.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34991 third-party-advisory, x_refsource_SECUNIA
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886 x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/35685 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1076 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34756 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34291 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34755 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34852 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html vendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34959 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34746 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0429.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:48:52.381Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:10204",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204"
          },
          {
            "name": "DSA-1793",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1793"
          },
          {
            "name": "34963",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34963"
          },
          {
            "name": "DSA-1790",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1790"
          },
          {
            "name": "35037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35037"
          },
          {
            "name": "ADV-2009-1077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1077"
          },
          {
            "name": "35064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35064"
          },
          {
            "name": "ADV-2009-1066",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1066"
          },
          {
            "name": "34481",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34481"
          },
          {
            "name": "SSA:2009-129-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
          },
          {
            "name": "1022072",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022072"
          },
          {
            "name": "RHSA-2009:0431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
          },
          {
            "name": "ADV-2009-1065",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1065"
          },
          {
            "name": "RHSA-2009:0430",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
          },
          {
            "name": "FEDORA-2009-6972",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
          },
          {
            "name": "35618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35618"
          },
          {
            "name": "35065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35065"
          },
          {
            "name": "RHSA-2009:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/releases.html"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "VU#196617",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/196617"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "SUSE-SA:2009:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
          },
          {
            "name": "RHSA-2009:0458",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
          },
          {
            "name": "FEDORA-2009-6982",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
          },
          {
            "name": "34991",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34991"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886"
          },
          {
            "name": "MDVSA-2009:101",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "SUSE-SR:2009:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "ADV-2009-1076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1076"
          },
          {
            "name": "34756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34756"
          },
          {
            "name": "34291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34291"
          },
          {
            "name": "34755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34755"
          },
          {
            "name": "34852",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34852"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "FEDORA-2009-6973",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
          },
          {
            "name": "34959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34959"
          },
          {
            "name": "34746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34746"
          },
          {
            "name": "RHSA-2009:0429",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:10204",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204"
        },
        {
          "name": "DSA-1793",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1793"
        },
        {
          "name": "34963",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34963"
        },
        {
          "name": "DSA-1790",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1790"
        },
        {
          "name": "35037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35037"
        },
        {
          "name": "ADV-2009-1077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1077"
        },
        {
          "name": "35064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35064"
        },
        {
          "name": "ADV-2009-1066",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1066"
        },
        {
          "name": "34481",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34481"
        },
        {
          "name": "SSA:2009-129-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
        },
        {
          "name": "1022072",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022072"
        },
        {
          "name": "RHSA-2009:0431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
        },
        {
          "name": "ADV-2009-1065",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1065"
        },
        {
          "name": "RHSA-2009:0430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
        },
        {
          "name": "FEDORA-2009-6972",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
        },
        {
          "name": "35618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35618"
        },
        {
          "name": "35065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35065"
        },
        {
          "name": "RHSA-2009:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/releases.html"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "VU#196617",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/196617"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "SUSE-SA:2009:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
        },
        {
          "name": "RHSA-2009:0458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
        },
        {
          "name": "FEDORA-2009-6982",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
        },
        {
          "name": "34991",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34991"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886"
        },
        {
          "name": "MDVSA-2009:101",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "SUSE-SR:2009:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "ADV-2009-1076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1076"
        },
        {
          "name": "34756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34756"
        },
        {
          "name": "34291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34291"
        },
        {
          "name": "34755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34755"
        },
        {
          "name": "34852",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34852"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "name": "FEDORA-2009-6973",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
        },
        {
          "name": "34959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34959"
        },
        {
          "name": "34746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34746"
        },
        {
          "name": "RHSA-2009:0429",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-0799",
    "datePublished": "2009-04-23T17:00:00",
    "dateReserved": "2009-03-04T00:00:00",
    "dateUpdated": "2024-08-07T04:48:52.381Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3603 (GCVE-0-2009-3603)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
CWE
  • n/a
Summary
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.
References
http://secunia.com/advisories/39938 third-party-advisory, x_refsource_SECUNIA
https://rhn.redhat.com/errata/RHSA-2009-1504.html vendor-advisory, x_refsource_REDHAT
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2009:287 vendor-advisory, x_refsource_MANDRIVA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html vendor-advisory, x_refsource_FEDORA
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html vendor-advisory, x_refsource_FEDORA
http://poppler.freedesktop.org/ x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2010/dsa-2028 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2010/dsa-2050 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/37159 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37054 third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html vendor-advisory, x_refsource_FEDORA
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1 vendor-advisory, x_refsource_SUNALERT
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/37114 third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1023029 vdb-entry, x_refsource_SECTRACK
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://www.ubuntu.com/usn/USN-850-3 vendor-advisory, x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2010/0802 vdb-entry, x_refsource_VUPEN
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html vendor-advisory, x_refsource_FEDORA
https://exchange.xforce.ibmcloud.com/vulnerabilities/53793 vdb-entry, x_refsource_XF
http://secunia.com/advisories/37034 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/2924 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1 vendor-advisory, x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2010/1220 vdb-entry, x_refsource_VUPEN
http://www.ubuntu.com/usn/USN-850-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/37053 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/39327 third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=526915 x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671 vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/bid/36703 vdb-entry, x_refsource_BID
http://www.vupen.com/english/advisories/2009/2925 vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "39938",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39938"
          },
          {
            "name": "RHSA-2009:1504",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
          },
          {
            "name": "MDVSA-2009:287",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
          },
          {
            "name": "FEDORA-2010-1377",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
          },
          {
            "name": "FEDORA-2009-10823",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/"
          },
          {
            "name": "SUSE-SR:2009:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
          },
          {
            "name": "DSA-2028",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2028"
          },
          {
            "name": "DSA-2050",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2050"
          },
          {
            "name": "37159",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37159"
          },
          {
            "name": "37054",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37054"
          },
          {
            "name": "FEDORA-2010-1805",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
          },
          {
            "name": "1021706",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
          },
          {
            "name": "FEDORA-2009-10845",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
          },
          {
            "name": "37114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37114"
          },
          {
            "name": "1023029",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023029"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "USN-850-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-3"
          },
          {
            "name": "ADV-2010-0802",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0802"
          },
          {
            "name": "FEDORA-2010-1842",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
          },
          {
            "name": "xpdf-splashbitmap-bo(53793)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793"
          },
          {
            "name": "37034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37034"
          },
          {
            "name": "ADV-2009-2924",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2924"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "274030",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
          },
          {
            "name": "ADV-2010-1220",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1220"
          },
          {
            "name": "USN-850-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-1"
          },
          {
            "name": "37053",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37053"
          },
          {
            "name": "39327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39327"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
          },
          {
            "name": "oval:org.mitre.oval:def:9671",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671"
          },
          {
            "name": "36703",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36703"
          },
          {
            "name": "ADV-2009-2925",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2925"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.  NOTE: some of these details are obtained from third party information.  NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "39938",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39938"
        },
        {
          "name": "RHSA-2009:1504",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
        },
        {
          "name": "MDVSA-2009:287",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
        },
        {
          "name": "FEDORA-2010-1377",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
        },
        {
          "name": "FEDORA-2009-10823",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/"
        },
        {
          "name": "SUSE-SR:2009:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
        },
        {
          "name": "DSA-2028",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2028"
        },
        {
          "name": "DSA-2050",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2050"
        },
        {
          "name": "37159",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37159"
        },
        {
          "name": "37054",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37054"
        },
        {
          "name": "FEDORA-2010-1805",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
        },
        {
          "name": "1021706",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
        },
        {
          "name": "FEDORA-2009-10845",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
        },
        {
          "name": "37114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37114"
        },
        {
          "name": "1023029",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023029"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "USN-850-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-3"
        },
        {
          "name": "ADV-2010-0802",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0802"
        },
        {
          "name": "FEDORA-2010-1842",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
        },
        {
          "name": "xpdf-splashbitmap-bo(53793)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793"
        },
        {
          "name": "37034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37034"
        },
        {
          "name": "ADV-2009-2924",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2924"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "274030",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
        },
        {
          "name": "ADV-2010-1220",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1220"
        },
        {
          "name": "USN-850-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-1"
        },
        {
          "name": "37053",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37053"
        },
        {
          "name": "39327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39327"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
        },
        {
          "name": "oval:org.mitre.oval:def:9671",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671"
        },
        {
          "name": "36703",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36703"
        },
        {
          "name": "ADV-2009-2925",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2925"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-3603",
    "datePublished": "2009-10-21T17:00:00",
    "dateReserved": "2009-10-09T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3626 (GCVE-0-2005-3626)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
CWE
  • n/a
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
http://www.securityfocus.com/bid/16143 vdb-entry, x_refsource_BID
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18349 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18147 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://scary.beasts.org/security/CESA-2005-003.txt x_refsource_MISC
http://www.kde.org/info/security/advisory-20051207-2.txt x_refsource_CONFIRM
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18312 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18644 third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/236-1/ vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/18425 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18373 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/18303 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18554 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2006-0163.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.trustix.org/errata/2006/0002/ vendor-advisory, x_refsource_TRUSTIX
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18329 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18463 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18642 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18313 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U vendor-advisory, x_refsource_SGI
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/18448 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18436 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18428 third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/24026 vdb-entry, x_refsource_XF
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18423 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0177.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18335 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18332 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18517 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html x_refsource_CONFIRM
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18414 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18338 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 vendor-advisory, x_refsource_MANDRIVA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://www.debian.org/security/2005/dsa-940 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2006/0047 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-938 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18334 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18375 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16143"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18312"
          },
          {
            "name": "18644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18644"
          },
          {
            "name": "USN-236-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/236-1/"
          },
          {
            "name": "18425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18425"
          },
          {
            "name": "18373",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18373"
          },
          {
            "name": "oval:org.mitre.oval:def:9992",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
          },
          {
            "name": "RHSA-2006:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "2006-0002",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0002/"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "FEDORA-2005-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
          },
          {
            "name": "18329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18329"
          },
          {
            "name": "18463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18463"
          },
          {
            "name": "18642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18642"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "xpdf-flatedecode-dos(24026)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18423"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "RHSA-2006:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "18335",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18335"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18332"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "18414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18414"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "18338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18338"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2006-0047",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0047"
          },
          {
            "name": "GLSA-200601-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FEDORA-2005-025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "18334",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18334"
          },
          {
            "name": "18375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18375"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "16143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16143"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18312"
        },
        {
          "name": "18644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18644"
        },
        {
          "name": "USN-236-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/236-1/"
        },
        {
          "name": "18425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18425"
        },
        {
          "name": "18373",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18373"
        },
        {
          "name": "oval:org.mitre.oval:def:9992",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
        },
        {
          "name": "RHSA-2006:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "2006-0002",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0002/"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "FEDORA-2005-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
        },
        {
          "name": "18329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18329"
        },
        {
          "name": "18463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18463"
        },
        {
          "name": "18642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18642"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "xpdf-flatedecode-dos(24026)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18423"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "RHSA-2006:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "18335",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18335"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18332"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "18414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18414"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "18338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18338"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2006-0047",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0047"
        },
        {
          "name": "GLSA-200601-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FEDORA-2005-025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "18334",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18334"
        },
        {
          "name": "18375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18375"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3626",
    "datePublished": "2006-01-06T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0207 (GCVE-0-2010-0207)
Vulnerability from cvelistv5
Published
2019-10-30 20:46
Modified
2024-08-07 00:37
Severity ?
CWE
  • Other
Summary
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.
Impacted products
Vendor Product Version
poppler poppler Version: 0.26.5-2
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:54.327Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2010-0207"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "poppler",
          "vendor": "poppler",
          "versions": [
            {
              "status": "affected",
              "version": "0.26.5-2"
            }
          ]
        }
      ],
      "datePublic": "2010-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-30T20:46:53",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2010-0207"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2010-0207",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "poppler",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.26.5-2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "poppler"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-tracker.debian.org/tracker/CVE-2010-0207",
              "refsource": "MISC",
              "url": "https://security-tracker.debian.org/tracker/CVE-2010-0207"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2010-0207",
    "datePublished": "2019-10-30T20:46:53",
    "dateReserved": "2010-01-06T00:00:00",
    "dateUpdated": "2024-08-07T00:37:54.327Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3606 (GCVE-0-2009-3606)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
CWE
  • n/a
Summary
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
References
http://secunia.com/advisories/39938 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37042 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch x_refsource_CONFIRM
http://www.debian.org/security/2009/dsa-1941 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDVSA-2009:287 vendor-advisory, x_refsource_MANDRIVA
http://www.openwall.com/lists/oss-security/2009/12/01/6 mailing-list, x_refsource_MLIST
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html vendor-advisory, x_refsource_FEDORA
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html vendor-advisory, x_refsource_FEDORA
http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61 x_refsource_CONFIRM
https://rhn.redhat.com/errata/RHSA-2009-1501.html vendor-advisory, x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2010/dsa-2028 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2010/dsa-2050 vendor-advisory, x_refsource_DEBIAN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289 vdb-entry, signature, x_refsource_OVAL
http://www.openwall.com/lists/oss-security/2009/12/01/1 mailing-list, x_refsource_MLIST
http://secunia.com/advisories/37159 third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html vendor-advisory, x_refsource_FEDORA
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1 vendor-advisory, x_refsource_SUNALERT
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html vendor-advisory, x_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/37077 third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1023029 vdb-entry, x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/53798 vdb-entry, x_refsource_XF
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/37037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/0802 vdb-entry, x_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2009-1502.html vendor-advisory, x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html vendor-advisory, x_refsource_FEDORA
https://rhn.redhat.com/errata/RHSA-2009-1500.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/2928 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/37023 third-party-advisory, x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2009/12/01/5 mailing-list, x_refsource_MLIST
http://www.vupen.com/english/advisories/2009/2924 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1 vendor-advisory, x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2010/1220 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/37053 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/39327 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37043 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/36703 vdb-entry, x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=526877 x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:11.027Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "39938",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39938"
          },
          {
            "name": "37042",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37042"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
          },
          {
            "name": "DSA-1941",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1941"
          },
          {
            "name": "MDVSA-2009:287",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
          },
          {
            "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
          },
          {
            "name": "FEDORA-2010-1377",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
          },
          {
            "name": "FEDORA-2009-10823",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61"
          },
          {
            "name": "RHSA-2009:1501",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
          },
          {
            "name": "SUSE-SR:2009:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
          },
          {
            "name": "DSA-2028",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2028"
          },
          {
            "name": "DSA-2050",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2050"
          },
          {
            "name": "oval:org.mitre.oval:def:11289",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289"
          },
          {
            "name": "[oss-security] 20091130 Need more information on recent poppler issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
          },
          {
            "name": "37159",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37159"
          },
          {
            "name": "FEDORA-2010-1805",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
          },
          {
            "name": "1021706",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
          },
          {
            "name": "FEDORA-2009-10845",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
          },
          {
            "name": "oval:org.mitre.oval:def:7836",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836"
          },
          {
            "name": "37077",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37077"
          },
          {
            "name": "1023029",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023029"
          },
          {
            "name": "xpdf-psoutputdev-bo(53798)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "37037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37037"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "ADV-2010-0802",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0802"
          },
          {
            "name": "RHSA-2009:1502",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
          },
          {
            "name": "FEDORA-2010-1842",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
          },
          {
            "name": "RHSA-2009:1500",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
          },
          {
            "name": "ADV-2009-2928",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2928"
          },
          {
            "name": "37023",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37023"
          },
          {
            "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
          },
          {
            "name": "ADV-2009-2924",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2924"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "274030",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
          },
          {
            "name": "ADV-2010-1220",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1220"
          },
          {
            "name": "37053",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37053"
          },
          {
            "name": "39327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39327"
          },
          {
            "name": "37043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37043"
          },
          {
            "name": "36703",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "39938",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39938"
        },
        {
          "name": "37042",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37042"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
        },
        {
          "name": "DSA-1941",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1941"
        },
        {
          "name": "MDVSA-2009:287",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
        },
        {
          "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
        },
        {
          "name": "FEDORA-2010-1377",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
        },
        {
          "name": "FEDORA-2009-10823",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61"
        },
        {
          "name": "RHSA-2009:1501",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
        },
        {
          "name": "SUSE-SR:2009:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
        },
        {
          "name": "DSA-2028",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2028"
        },
        {
          "name": "DSA-2050",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2050"
        },
        {
          "name": "oval:org.mitre.oval:def:11289",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289"
        },
        {
          "name": "[oss-security] 20091130 Need more information on recent poppler issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
        },
        {
          "name": "37159",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37159"
        },
        {
          "name": "FEDORA-2010-1805",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
        },
        {
          "name": "1021706",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
        },
        {
          "name": "FEDORA-2009-10845",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
        },
        {
          "name": "oval:org.mitre.oval:def:7836",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836"
        },
        {
          "name": "37077",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37077"
        },
        {
          "name": "1023029",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023029"
        },
        {
          "name": "xpdf-psoutputdev-bo(53798)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "37037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37037"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "ADV-2010-0802",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0802"
        },
        {
          "name": "RHSA-2009:1502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
        },
        {
          "name": "FEDORA-2010-1842",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
        },
        {
          "name": "RHSA-2009:1500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
        },
        {
          "name": "ADV-2009-2928",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2928"
        },
        {
          "name": "37023",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37023"
        },
        {
          "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
        },
        {
          "name": "ADV-2009-2924",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2924"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "274030",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
        },
        {
          "name": "ADV-2010-1220",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1220"
        },
        {
          "name": "37053",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37053"
        },
        {
          "name": "39327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39327"
        },
        {
          "name": "37043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37043"
        },
        {
          "name": "36703",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-3606",
    "datePublished": "2009-10-21T17:00:00",
    "dateReserved": "2009-10-09T00:00:00",
    "dateUpdated": "2024-08-07T06:31:11.027Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3607 (GCVE-0-2009-3607)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
CWE
  • n/a
Summary
Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
References
http://www.debian.org/security/2009/dsa-1941 vendor-advisory, x_refsource_DEBIAN
http://www.openwall.com/lists/oss-security/2009/12/01/6 mailing-list, x_refsource_MLIST
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/bid/36718 vdb-entry, x_refsource_BID
http://www.openwall.com/lists/oss-security/2009/12/01/1 mailing-list, x_refsource_MLIST
https://exchange.xforce.ibmcloud.com/vulnerabilities/53801 vdb-entry, x_refsource_XF
http://secunia.com/advisories/37159 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37054 third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=526924 x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1 vendor-advisory, x_refsource_SUNALERT
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/37114 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.ubuntu.com/usn/USN-850-3 vendor-advisory, x_refsource_UBUNTU
http://www.openwall.com/lists/oss-security/2009/12/01/5 mailing-list, x_refsource_MLIST
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1 vendor-advisory, x_refsource_SUNALERT
http://www.ubuntu.com/usn/USN-850-1 vendor-advisory, x_refsource_UBUNTU
http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706 x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2009/2925 vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.561Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1941",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1941"
          },
          {
            "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
          },
          {
            "name": "FEDORA-2009-10823",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
          },
          {
            "name": "36718",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36718"
          },
          {
            "name": "[oss-security] 20091130 Need more information on recent poppler issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
          },
          {
            "name": "poppler-createsurfacefromthumbnaildata-bo(53801)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801"
          },
          {
            "name": "37159",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37159"
          },
          {
            "name": "37054",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37054"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924"
          },
          {
            "name": "1021706",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
          },
          {
            "name": "FEDORA-2009-10845",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
          },
          {
            "name": "37114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37114"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "USN-850-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-3"
          },
          {
            "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
          },
          {
            "name": "274030",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
          },
          {
            "name": "USN-850-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706"
          },
          {
            "name": "ADV-2009-2925",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2925"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-1941",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1941"
        },
        {
          "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
        },
        {
          "name": "FEDORA-2009-10823",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
        },
        {
          "name": "36718",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36718"
        },
        {
          "name": "[oss-security] 20091130 Need more information on recent poppler issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
        },
        {
          "name": "poppler-createsurfacefromthumbnaildata-bo(53801)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801"
        },
        {
          "name": "37159",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37159"
        },
        {
          "name": "37054",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37054"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924"
        },
        {
          "name": "1021706",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
        },
        {
          "name": "FEDORA-2009-10845",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
        },
        {
          "name": "37114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37114"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "USN-850-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-3"
        },
        {
          "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
        },
        {
          "name": "274030",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
        },
        {
          "name": "USN-850-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706"
        },
        {
          "name": "ADV-2009-2925",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2925"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-3607",
    "datePublished": "2009-10-21T17:00:00",
    "dateReserved": "2009-10-09T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.561Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1182 (GCVE-0-2009-1182)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
http://www.debian.org/security/2009/dsa-1793 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/34963 third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=495896 x_refsource_CONFIRM
http://www.debian.org/security/2009/dsa-1790 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/35037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1077 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/35064 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1066 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34481 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 vendor-advisory, x_refsource_SLACKWARE
http://www.redhat.com/support/errata/RHSA-2009-0431.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/1065 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2009-0430.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/35618 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/35065 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0480.html vendor-advisory, x_refsource_REDHAT
http://poppler.freedesktop.org/releases.html x_refsource_CONFIRM
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.kb.cert.org/vuls/id/196617 third-party-advisory, x_refsource_CERT-VN
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html vendor-advisory, x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2009-0458.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34991 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/35685 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1076 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34756 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34291 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34755 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34852 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html vendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34959 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34746 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0429.html vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id?1022073 vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.234Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1793",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1793"
          },
          {
            "name": "34963",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34963"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896"
          },
          {
            "name": "DSA-1790",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1790"
          },
          {
            "name": "35037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35037"
          },
          {
            "name": "ADV-2009-1077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1077"
          },
          {
            "name": "35064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35064"
          },
          {
            "name": "ADV-2009-1066",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1066"
          },
          {
            "name": "34481",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34481"
          },
          {
            "name": "SSA:2009-129-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
          },
          {
            "name": "RHSA-2009:0431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
          },
          {
            "name": "ADV-2009-1065",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1065"
          },
          {
            "name": "RHSA-2009:0430",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
          },
          {
            "name": "FEDORA-2009-6972",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
          },
          {
            "name": "35618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35618"
          },
          {
            "name": "oval:org.mitre.oval:def:10735",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735"
          },
          {
            "name": "35065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35065"
          },
          {
            "name": "RHSA-2009:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/releases.html"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "VU#196617",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/196617"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "SUSE-SA:2009:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
          },
          {
            "name": "RHSA-2009:0458",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
          },
          {
            "name": "FEDORA-2009-6982",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
          },
          {
            "name": "34991",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34991"
          },
          {
            "name": "MDVSA-2009:101",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "SUSE-SR:2009:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "ADV-2009-1076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1076"
          },
          {
            "name": "34756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34756"
          },
          {
            "name": "34291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34291"
          },
          {
            "name": "34755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34755"
          },
          {
            "name": "34852",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34852"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "FEDORA-2009-6973",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
          },
          {
            "name": "34959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34959"
          },
          {
            "name": "34746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34746"
          },
          {
            "name": "RHSA-2009:0429",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
          },
          {
            "name": "1022073",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022073"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-1793",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1793"
        },
        {
          "name": "34963",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34963"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896"
        },
        {
          "name": "DSA-1790",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1790"
        },
        {
          "name": "35037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35037"
        },
        {
          "name": "ADV-2009-1077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1077"
        },
        {
          "name": "35064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35064"
        },
        {
          "name": "ADV-2009-1066",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1066"
        },
        {
          "name": "34481",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34481"
        },
        {
          "name": "SSA:2009-129-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
        },
        {
          "name": "RHSA-2009:0431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
        },
        {
          "name": "ADV-2009-1065",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1065"
        },
        {
          "name": "RHSA-2009:0430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
        },
        {
          "name": "FEDORA-2009-6972",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
        },
        {
          "name": "35618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35618"
        },
        {
          "name": "oval:org.mitre.oval:def:10735",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735"
        },
        {
          "name": "35065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35065"
        },
        {
          "name": "RHSA-2009:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/releases.html"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "VU#196617",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/196617"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "SUSE-SA:2009:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
        },
        {
          "name": "RHSA-2009:0458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
        },
        {
          "name": "FEDORA-2009-6982",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
        },
        {
          "name": "34991",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34991"
        },
        {
          "name": "MDVSA-2009:101",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "SUSE-SR:2009:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "ADV-2009-1076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1076"
        },
        {
          "name": "34756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34756"
        },
        {
          "name": "34291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34291"
        },
        {
          "name": "34755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34755"
        },
        {
          "name": "34852",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34852"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "name": "FEDORA-2009-6973",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
        },
        {
          "name": "34959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34959"
        },
        {
          "name": "34746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34746"
        },
        {
          "name": "RHSA-2009:0429",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
        },
        {
          "name": "1022073",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022073"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-1182",
    "datePublished": "2009-04-23T17:00:00",
    "dateReserved": "2009-03-31T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.234Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-1693 (GCVE-0-2008-1693)
Vulnerability from cvelistv5
Published
2008-04-18 15:00
Modified
2024-08-07 08:32
Severity ?
CWE
  • n/a
Summary
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.
References
http://secunia.com/advisories/29869 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html vendor-advisory, x_refsource_SUSE
http://www.mandriva.com/security/advisories?name=MDVSA-2008:173 vendor-advisory, x_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226 vdb-entry, signature, x_refsource_OVAL
http://www.vupen.com/english/advisories/2008/1265/references vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDVSA-2008:089 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/29884 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/30019 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29885 third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1019893 vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/28830 vdb-entry, x_refsource_BID
http://secunia.com/advisories/29853 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29851 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29816 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2008:197 vendor-advisory, x_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2008-0239.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2008/dsa-1548 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2008/dsa-1606 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2008-0240.html vendor-advisory, x_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-200804-18.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/29868 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/1266/references vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2008-0262.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/31035 third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/41884 vdb-entry, x_refsource_XF
http://secunia.com/advisories/30033 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29836 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29834 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0238.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html vendor-advisory, x_refsource_FEDORA
http://www.ubuntu.com/usn/usn-603-2 vendor-advisory, x_refsource_UBUNTU
http://www.ubuntu.com/usn/usn-603-1 vendor-advisory, x_refsource_UBUNTU
http://www.novell.com/linux/security/advisories/2008_13_sr.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/30717 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:32:01.237Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "29869",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29869"
          },
          {
            "name": "SUSE-SR:2008:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
          },
          {
            "name": "MDVSA-2008:173",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:173"
          },
          {
            "name": "oval:org.mitre.oval:def:11226",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226"
          },
          {
            "name": "ADV-2008-1265",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1265/references"
          },
          {
            "name": "MDVSA-2008:089",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:089"
          },
          {
            "name": "29884",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29884"
          },
          {
            "name": "30019",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30019"
          },
          {
            "name": "29885",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29885"
          },
          {
            "name": "1019893",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019893"
          },
          {
            "name": "28830",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28830"
          },
          {
            "name": "29853",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29853"
          },
          {
            "name": "29851",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29851"
          },
          {
            "name": "29816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29816"
          },
          {
            "name": "MDVSA-2008:197",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:197"
          },
          {
            "name": "RHSA-2008:0239",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0239.html"
          },
          {
            "name": "DSA-1548",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1548"
          },
          {
            "name": "DSA-1606",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1606"
          },
          {
            "name": "RHSA-2008:0240",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0240.html"
          },
          {
            "name": "GLSA-200804-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200804-18.xml"
          },
          {
            "name": "29868",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29868"
          },
          {
            "name": "ADV-2008-1266",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1266/references"
          },
          {
            "name": "RHSA-2008:0262",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0262.html"
          },
          {
            "name": "31035",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31035"
          },
          {
            "name": "xpdf-pdf-code-execution(41884)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41884"
          },
          {
            "name": "30033",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30033"
          },
          {
            "name": "29836",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29836"
          },
          {
            "name": "29834",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29834"
          },
          {
            "name": "RHSA-2008:0238",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0238.html"
          },
          {
            "name": "FEDORA-2008-3312",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html"
          },
          {
            "name": "USN-603-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-603-2"
          },
          {
            "name": "USN-603-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-603-1"
          },
          {
            "name": "SUSE-SR:2008:013",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
          },
          {
            "name": "30717",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30717"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "name": "29869",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29869"
        },
        {
          "name": "SUSE-SR:2008:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
        },
        {
          "name": "MDVSA-2008:173",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:173"
        },
        {
          "name": "oval:org.mitre.oval:def:11226",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226"
        },
        {
          "name": "ADV-2008-1265",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1265/references"
        },
        {
          "name": "MDVSA-2008:089",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:089"
        },
        {
          "name": "29884",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29884"
        },
        {
          "name": "30019",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30019"
        },
        {
          "name": "29885",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29885"
        },
        {
          "name": "1019893",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019893"
        },
        {
          "name": "28830",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28830"
        },
        {
          "name": "29853",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29853"
        },
        {
          "name": "29851",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29851"
        },
        {
          "name": "29816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29816"
        },
        {
          "name": "MDVSA-2008:197",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:197"
        },
        {
          "name": "RHSA-2008:0239",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0239.html"
        },
        {
          "name": "DSA-1548",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1548"
        },
        {
          "name": "DSA-1606",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1606"
        },
        {
          "name": "RHSA-2008:0240",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0240.html"
        },
        {
          "name": "GLSA-200804-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200804-18.xml"
        },
        {
          "name": "29868",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29868"
        },
        {
          "name": "ADV-2008-1266",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1266/references"
        },
        {
          "name": "RHSA-2008:0262",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0262.html"
        },
        {
          "name": "31035",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31035"
        },
        {
          "name": "xpdf-pdf-code-execution(41884)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41884"
        },
        {
          "name": "30033",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30033"
        },
        {
          "name": "29836",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29836"
        },
        {
          "name": "29834",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29834"
        },
        {
          "name": "RHSA-2008:0238",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0238.html"
        },
        {
          "name": "FEDORA-2008-3312",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html"
        },
        {
          "name": "USN-603-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-603-2"
        },
        {
          "name": "USN-603-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-603-1"
        },
        {
          "name": "SUSE-SR:2008:013",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
        },
        {
          "name": "30717",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30717"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "ID": "CVE-2008-1693",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "29869",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29869"
            },
            {
              "name": "SUSE-SR:2008:011",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
            },
            {
              "name": "MDVSA-2008:173",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:173"
            },
            {
              "name": "oval:org.mitre.oval:def:11226",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226"
            },
            {
              "name": "ADV-2008-1265",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1265/references"
            },
            {
              "name": "MDVSA-2008:089",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:089"
            },
            {
              "name": "29884",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29884"
            },
            {
              "name": "30019",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30019"
            },
            {
              "name": "29885",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29885"
            },
            {
              "name": "1019893",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019893"
            },
            {
              "name": "28830",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28830"
            },
            {
              "name": "29853",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29853"
            },
            {
              "name": "29851",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29851"
            },
            {
              "name": "29816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29816"
            },
            {
              "name": "MDVSA-2008:197",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:197"
            },
            {
              "name": "RHSA-2008:0239",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0239.html"
            },
            {
              "name": "DSA-1548",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1548"
            },
            {
              "name": "DSA-1606",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1606"
            },
            {
              "name": "RHSA-2008:0240",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0240.html"
            },
            {
              "name": "GLSA-200804-18",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200804-18.xml"
            },
            {
              "name": "29868",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29868"
            },
            {
              "name": "ADV-2008-1266",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1266/references"
            },
            {
              "name": "RHSA-2008:0262",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0262.html"
            },
            {
              "name": "31035",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31035"
            },
            {
              "name": "xpdf-pdf-code-execution(41884)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41884"
            },
            {
              "name": "30033",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30033"
            },
            {
              "name": "29836",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29836"
            },
            {
              "name": "29834",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29834"
            },
            {
              "name": "RHSA-2008:0238",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0238.html"
            },
            {
              "name": "FEDORA-2008-3312",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html"
            },
            {
              "name": "USN-603-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-603-2"
            },
            {
              "name": "USN-603-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-603-1"
            },
            {
              "name": "SUSE-SR:2008:013",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
            },
            {
              "name": "30717",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30717"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2008-1693",
    "datePublished": "2008-04-18T15:00:00",
    "dateReserved": "2008-04-08T00:00:00",
    "dateUpdated": "2024-08-07T08:32:01.237Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-52886 (GCVE-0-2025-52886)
Vulnerability from cvelistv5
Published
2025-07-02 15:46
Modified
2025-07-02 15:59
CWE
Summary
Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue.
Impacted products
Vendor Product Version
poppler poppler Version: < 25.06.0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-52886",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-02T15:59:12.705717Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-02T15:59:16.924Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "poppler",
          "vendor": "poppler",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 25.06.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-02T15:46:49.733Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://securitylab.github.com/advisories/GHSL-2025-054_poppler/",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://securitylab.github.com/advisories/GHSL-2025-054_poppler/"
        },
        {
          "name": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/04bd91684ed41d67ae0f10cde0660e4ed74ac203",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/04bd91684ed41d67ae0f10cde0660e4ed74ac203"
        },
        {
          "name": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8d6547a3464ff46e5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8d6547a3464ff46e5"
        },
        {
          "name": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581"
        },
        {
          "name": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1828",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1828"
        }
      ],
      "source": {
        "advisory": "GHSA-922r-mhj4-78rc",
        "discovery": "UNKNOWN"
      },
      "title": "Poppler Use After Free Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-52886",
    "datePublished": "2025-07-02T15:46:49.733Z",
    "dateReserved": "2025-06-20T17:42:25.708Z",
    "dateUpdated": "2025-07-02T15:59:16.924Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3609 (GCVE-0-2009-3609)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
CWE
  • n/a
Summary
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
References
http://secunia.com/advisories/39938 third-party-advisory, x_refsource_SECUNIA
https://rhn.redhat.com/errata/RHSA-2009-1504.html vendor-advisory, x_refsource_REDHAT
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2009:287 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/37028 third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html vendor-advisory, x_refsource_FEDORA
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html vendor-advisory, x_refsource_FEDORA
http://poppler.freedesktop.org/ x_refsource_CONFIRM
https://rhn.redhat.com/errata/RHSA-2009-1501.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/37079 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html vendor-advisory, x_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134 vdb-entry, signature, x_refsource_OVAL
http://www.debian.org/security/2010/dsa-2028 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2010/dsa-2050 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/37159 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37054 third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html vendor-advisory, x_refsource_FEDORA
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1 vendor-advisory, x_refsource_SUNALERT
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html vendor-advisory, x_refsource_FEDORA
https://rhn.redhat.com/errata/RHSA-2009-1512.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/37114 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37077 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043 vdb-entry, signature, x_refsource_OVAL
http://securitytracker.com/id?1023029 vdb-entry, x_refsource_SECTRACK
https://rhn.redhat.com/errata/RHSA-2009-1503.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/2926 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
https://bugzilla.redhat.com/show_bug.cgi?id=526893 x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/53800 vdb-entry, x_refsource_XF
http://secunia.com/advisories/37037 third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-850-3 vendor-advisory, x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2010/0802 vdb-entry, x_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2009-1502.html vendor-advisory, x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html vendor-advisory, x_refsource_FEDORA
https://rhn.redhat.com/errata/RHSA-2009-1500.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/2928 vdb-entry, x_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2009-1513.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/37034 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37023 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/2924 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/37051 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1 vendor-advisory, x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2010/1220 vdb-entry, x_refsource_VUPEN
http://www.ubuntu.com/usn/USN-850-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/37061 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/39327 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37043 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/36703 vdb-entry, x_refsource_BID
http://www.vupen.com/english/advisories/2009/2925 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2010-0755.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2009:334 vendor-advisory, x_refsource_MANDRIVA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.540Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "39938",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39938"
          },
          {
            "name": "RHSA-2009:1504",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
          },
          {
            "name": "MDVSA-2009:287",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
          },
          {
            "name": "37028",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37028"
          },
          {
            "name": "FEDORA-2010-1377",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
          },
          {
            "name": "FEDORA-2009-10823",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/"
          },
          {
            "name": "RHSA-2009:1501",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
          },
          {
            "name": "37079",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37079"
          },
          {
            "name": "SUSE-SR:2009:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
          },
          {
            "name": "oval:org.mitre.oval:def:8134",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134"
          },
          {
            "name": "DSA-2028",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2028"
          },
          {
            "name": "DSA-2050",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2050"
          },
          {
            "name": "37159",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37159"
          },
          {
            "name": "37054",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37054"
          },
          {
            "name": "FEDORA-2010-1805",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
          },
          {
            "name": "1021706",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
          },
          {
            "name": "FEDORA-2009-10845",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
          },
          {
            "name": "RHSA-2009:1512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
          },
          {
            "name": "37114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37114"
          },
          {
            "name": "37077",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37077"
          },
          {
            "name": "oval:org.mitre.oval:def:11043",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043"
          },
          {
            "name": "1023029",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023029"
          },
          {
            "name": "RHSA-2009:1503",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
          },
          {
            "name": "ADV-2009-2926",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2926"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893"
          },
          {
            "name": "xpdf-imagestream-dos(53800)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53800"
          },
          {
            "name": "37037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37037"
          },
          {
            "name": "USN-850-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-3"
          },
          {
            "name": "ADV-2010-0802",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0802"
          },
          {
            "name": "RHSA-2009:1502",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
          },
          {
            "name": "FEDORA-2010-1842",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
          },
          {
            "name": "RHSA-2009:1500",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
          },
          {
            "name": "ADV-2009-2928",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2928"
          },
          {
            "name": "RHSA-2009:1513",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html"
          },
          {
            "name": "37034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37034"
          },
          {
            "name": "37023",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37023"
          },
          {
            "name": "ADV-2009-2924",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2924"
          },
          {
            "name": "37051",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37051"
          },
          {
            "name": "274030",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
          },
          {
            "name": "ADV-2010-1220",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1220"
          },
          {
            "name": "USN-850-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-1"
          },
          {
            "name": "37061",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37061"
          },
          {
            "name": "39327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39327"
          },
          {
            "name": "37043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37043"
          },
          {
            "name": "36703",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36703"
          },
          {
            "name": "ADV-2009-2925",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2925"
          },
          {
            "name": "RHSA-2010:0755",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html"
          },
          {
            "name": "MDVSA-2009:334",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "39938",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39938"
        },
        {
          "name": "RHSA-2009:1504",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
        },
        {
          "name": "MDVSA-2009:287",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
        },
        {
          "name": "37028",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37028"
        },
        {
          "name": "FEDORA-2010-1377",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
        },
        {
          "name": "FEDORA-2009-10823",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/"
        },
        {
          "name": "RHSA-2009:1501",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
        },
        {
          "name": "37079",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37079"
        },
        {
          "name": "SUSE-SR:2009:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
        },
        {
          "name": "oval:org.mitre.oval:def:8134",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134"
        },
        {
          "name": "DSA-2028",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2028"
        },
        {
          "name": "DSA-2050",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2050"
        },
        {
          "name": "37159",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37159"
        },
        {
          "name": "37054",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37054"
        },
        {
          "name": "FEDORA-2010-1805",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
        },
        {
          "name": "1021706",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
        },
        {
          "name": "FEDORA-2009-10845",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
        },
        {
          "name": "RHSA-2009:1512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
        },
        {
          "name": "37114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37114"
        },
        {
          "name": "37077",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37077"
        },
        {
          "name": "oval:org.mitre.oval:def:11043",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043"
        },
        {
          "name": "1023029",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023029"
        },
        {
          "name": "RHSA-2009:1503",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
        },
        {
          "name": "ADV-2009-2926",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2926"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893"
        },
        {
          "name": "xpdf-imagestream-dos(53800)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53800"
        },
        {
          "name": "37037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37037"
        },
        {
          "name": "USN-850-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-3"
        },
        {
          "name": "ADV-2010-0802",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0802"
        },
        {
          "name": "RHSA-2009:1502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
        },
        {
          "name": "FEDORA-2010-1842",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
        },
        {
          "name": "RHSA-2009:1500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
        },
        {
          "name": "ADV-2009-2928",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2928"
        },
        {
          "name": "RHSA-2009:1513",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html"
        },
        {
          "name": "37034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37034"
        },
        {
          "name": "37023",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37023"
        },
        {
          "name": "ADV-2009-2924",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2924"
        },
        {
          "name": "37051",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37051"
        },
        {
          "name": "274030",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
        },
        {
          "name": "ADV-2010-1220",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1220"
        },
        {
          "name": "USN-850-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-1"
        },
        {
          "name": "37061",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37061"
        },
        {
          "name": "39327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39327"
        },
        {
          "name": "37043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37043"
        },
        {
          "name": "36703",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36703"
        },
        {
          "name": "ADV-2009-2925",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2925"
        },
        {
          "name": "RHSA-2010:0755",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html"
        },
        {
          "name": "MDVSA-2009:334",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-3609",
    "datePublished": "2009-10-21T17:00:00",
    "dateReserved": "2009-10-09T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.540Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-7511 (GCVE-0-2017-7511)
Vulnerability from cvelistv5
Published
2017-05-30 18:00
Modified
2024-08-05 16:04
Severity ?
CWE
Summary
poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.
Impacted products
Vendor Product Version
Poppler poppler Version: since 0.17.3
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:04:11.847Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201801-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201801-17"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "poppler",
          "vendor": "Poppler",
          "versions": [
            {
              "status": "affected",
              "version": "since 0.17.3"
            }
          ]
        }
      ],
      "datePublic": "2017-05-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-18T10:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "GLSA-201801-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201801-17"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2017-7511",
    "datePublished": "2017-05-30T18:00:00",
    "dateReserved": "2017-04-05T00:00:00",
    "dateUpdated": "2024-08-05T16:04:11.847Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3624 (GCVE-0-2005-3624)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
CWE
  • n/a
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
http://www.securityfocus.com/bid/16143 vdb-entry, x_refsource_BID
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18349 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18147 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://scary.beasts.org/security/CESA-2005-003.txt x_refsource_MISC
http://www.kde.org/info/security/advisory-20051207-2.txt x_refsource_CONFIRM
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18312 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18644 third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/236-1/ vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/18425 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18373 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18303 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18554 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2006-0163.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.trustix.org/errata/2006/0002/ vendor-advisory, x_refsource_TRUSTIX
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18329 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18463 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18642 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18313 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U vendor-advisory, x_refsource_SGI
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/18448 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18436 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18428 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18423 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0177.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18332 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18517 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18414 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18338 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 vendor-advisory, x_refsource_MANDRIVA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://www.debian.org/security/2005/dsa-940 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2006/0047 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml vendor-advisory, x_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilities/24022 vdb-entry, x_refsource_XF
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437 vdb-entry, signature, x_refsource_OVAL
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-938 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18334 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18375 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.457Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16143"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18312"
          },
          {
            "name": "18644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18644"
          },
          {
            "name": "USN-236-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/236-1/"
          },
          {
            "name": "18425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18425"
          },
          {
            "name": "18373",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18373"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "name": "RHSA-2006:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "2006-0002",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0002/"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "FEDORA-2005-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
          },
          {
            "name": "18329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18329"
          },
          {
            "name": "18463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18463"
          },
          {
            "name": "18642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18642"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18423"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "RHSA-2006:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18332"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "18414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18414"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "18338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18338"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2006-0047",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0047"
          },
          {
            "name": "GLSA-200601-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
          },
          {
            "name": "xpdf-ccitt-faxstream-bo(24022)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "oval:org.mitre.oval:def:9437",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FEDORA-2005-025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "18334",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18334"
          },
          {
            "name": "18375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18375"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "16143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16143"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18312"
        },
        {
          "name": "18644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18644"
        },
        {
          "name": "USN-236-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/236-1/"
        },
        {
          "name": "18425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18425"
        },
        {
          "name": "18373",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18373"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "name": "RHSA-2006:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "2006-0002",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0002/"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "FEDORA-2005-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
        },
        {
          "name": "18329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18329"
        },
        {
          "name": "18463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18463"
        },
        {
          "name": "18642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18642"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18423"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "RHSA-2006:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18332"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "18414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18414"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "18338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18338"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2006-0047",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0047"
        },
        {
          "name": "GLSA-200601-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
        },
        {
          "name": "xpdf-ccitt-faxstream-bo(24022)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "oval:org.mitre.oval:def:9437",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FEDORA-2005-025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "18334",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18334"
        },
        {
          "name": "18375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18375"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3624",
    "datePublished": "2006-01-06T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.457Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3703 (GCVE-0-2010-3703)
Vulnerability from cvelistv5
Published
2010-11-05 17:00
Modified
2024-08-07 03:18
Severity ?
CWE
  • n/a
Summary
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:52.924Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
          },
          {
            "name": "FEDORA-2010-15857",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
          },
          {
            "name": "RHSA-2010:0859",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
          },
          {
            "name": "42357",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42357"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356"
          },
          {
            "name": "MDVSA-2010:231",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
          },
          {
            "name": "SSA:2010-324-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
          },
          {
            "name": "FEDORA-2010-15911",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
          },
          {
            "name": "USN-1005-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1005-1"
          },
          {
            "name": "FEDORA-2010-15981",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
          },
          {
            "name": "SUSE-SR:2010:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-12-07T10:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
        },
        {
          "name": "FEDORA-2010-15857",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
        },
        {
          "name": "RHSA-2010:0859",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
        },
        {
          "name": "42357",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42357"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356"
        },
        {
          "name": "MDVSA-2010:231",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
        },
        {
          "name": "SSA:2010-324-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
        },
        {
          "name": "FEDORA-2010-15911",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
        },
        {
          "name": "USN-1005-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1005-1"
        },
        {
          "name": "FEDORA-2010-15981",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
        },
        {
          "name": "SUSE-SR:2010:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3703",
    "datePublished": "2010-11-05T17:00:00",
    "dateReserved": "2010-10-01T00:00:00",
    "dateUpdated": "2024-08-07T03:18:52.924Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3704 (GCVE-0-2010-3704)
Vulnerability from cvelistv5
Published
2010-11-05 17:00
Modified
2024-08-07 03:18
Severity ?
CWE
  • n/a
Summary
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
References
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html vendor-advisory, x_refsource_FEDORA
http://www.openwall.com/lists/oss-security/2010/10/04/6 mailing-list, x_refsource_MLIST
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html vendor-advisory, x_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2010-0859.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/42357 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:228 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2011/0230 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2010-0752.html vendor-advisory, x_refsource_REDHAT
http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=638960 x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2010:230 vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html vendor-advisory, x_refsource_SUSE
http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473 x_refsource_CONFIRM
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2012-1201.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2010:231 vendor-advisory, x_refsource_MANDRIVA
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html vendor-advisory, x_refsource_FEDORA
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720 vendor-advisory, x_refsource_SLACKWARE
http://www.redhat.com/support/errata/RHSA-2010-0751.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/42397 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/42141 third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html vendor-advisory, x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2010/3097 vdb-entry, x_refsource_VUPEN
http://www.ubuntu.com/usn/USN-1005-1 vendor-advisory, x_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2010-0749.html vendor-advisory, x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html vendor-advisory, x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html vendor-advisory, x_refsource_FEDORA
http://www.vupen.com/english/advisories/2010/2897 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/42691 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2010/dsa-2119 vendor-advisory, x_refsource_DEBIAN
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html vendor-advisory, x_refsource_SUSE
http://www.mandriva.com/security/advisories?name=MDVSA-2010:229 vendor-advisory, x_refsource_MANDRIVA
http://www.securityfocus.com/bid/43841 vdb-entry, x_refsource_BID
http://www.debian.org/security/2010/dsa-2135 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2010-0753.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/43079 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:53.042Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2010-16662",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
          },
          {
            "name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
          },
          {
            "name": "FEDORA-2010-15857",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
          },
          {
            "name": "RHSA-2010:0859",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
          },
          {
            "name": "42357",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42357"
          },
          {
            "name": "MDVSA-2010:228",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
          },
          {
            "name": "ADV-2011-0230",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0230"
          },
          {
            "name": "RHSA-2010:0752",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
          },
          {
            "name": "MDVSA-2010:230",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
          },
          {
            "name": "SUSE-SR:2010:022",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
          },
          {
            "name": "RHSA-2012:1201",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
          },
          {
            "name": "MDVSA-2010:231",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
          },
          {
            "name": "FEDORA-2010-16705",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
          },
          {
            "name": "SSA:2010-324-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
          },
          {
            "name": "RHSA-2010:0751",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
          },
          {
            "name": "42397",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42397"
          },
          {
            "name": "42141",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42141"
          },
          {
            "name": "FEDORA-2010-15911",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
          },
          {
            "name": "MDVSA-2012:144",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
          },
          {
            "name": "ADV-2010-3097",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3097"
          },
          {
            "name": "USN-1005-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1005-1"
          },
          {
            "name": "RHSA-2010:0749",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
          },
          {
            "name": "FEDORA-2010-15981",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
          },
          {
            "name": "FEDORA-2010-16744",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
          },
          {
            "name": "ADV-2010-2897",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2897"
          },
          {
            "name": "42691",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42691"
          },
          {
            "name": "DSA-2119",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2119"
          },
          {
            "name": "SUSE-SR:2010:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
          },
          {
            "name": "MDVSA-2010:229",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
          },
          {
            "name": "43841",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43841"
          },
          {
            "name": "DSA-2135",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2135"
          },
          {
            "name": "RHSA-2010:0753",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
          },
          {
            "name": "43079",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43079"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-11-19T10:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2010-16662",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
        },
        {
          "name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
        },
        {
          "name": "FEDORA-2010-15857",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
        },
        {
          "name": "RHSA-2010:0859",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
        },
        {
          "name": "42357",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42357"
        },
        {
          "name": "MDVSA-2010:228",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
        },
        {
          "name": "ADV-2011-0230",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0230"
        },
        {
          "name": "RHSA-2010:0752",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
        },
        {
          "name": "MDVSA-2010:230",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
        },
        {
          "name": "SUSE-SR:2010:022",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
        },
        {
          "name": "RHSA-2012:1201",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
        },
        {
          "name": "MDVSA-2010:231",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
        },
        {
          "name": "FEDORA-2010-16705",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
        },
        {
          "name": "SSA:2010-324-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
        },
        {
          "name": "RHSA-2010:0751",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
        },
        {
          "name": "42397",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42397"
        },
        {
          "name": "42141",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42141"
        },
        {
          "name": "FEDORA-2010-15911",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
        },
        {
          "name": "MDVSA-2012:144",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
        },
        {
          "name": "ADV-2010-3097",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3097"
        },
        {
          "name": "USN-1005-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1005-1"
        },
        {
          "name": "RHSA-2010:0749",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
        },
        {
          "name": "FEDORA-2010-15981",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
        },
        {
          "name": "FEDORA-2010-16744",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
        },
        {
          "name": "ADV-2010-2897",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2897"
        },
        {
          "name": "42691",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42691"
        },
        {
          "name": "DSA-2119",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2119"
        },
        {
          "name": "SUSE-SR:2010:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
        },
        {
          "name": "MDVSA-2010:229",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
        },
        {
          "name": "43841",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43841"
        },
        {
          "name": "DSA-2135",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2135"
        },
        {
          "name": "RHSA-2010:0753",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
        },
        {
          "name": "43079",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43079"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3704",
    "datePublished": "2010-11-05T17:00:00",
    "dateReserved": "2010-10-01T00:00:00",
    "dateUpdated": "2024-08-07T03:18:53.042Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-2142 (GCVE-0-2012-2142)
Vulnerability from cvelistv5
Published
2020-01-09 20:42
Modified
2024-08-06 19:26
Severity ?
CWE
  • Other
Summary
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
Impacted products
Vendor Product Version
poppler poppler Version: before 0.21.4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:26:08.483Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/08/09/6"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/08/09/5"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "poppler",
          "vendor": "poppler",
          "versions": [
            {
              "status": "affected",
              "version": "before 0.21.4"
            }
          ]
        }
      ],
      "datePublic": "2012-12-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-09T20:42:47",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/08/09/6"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/08/09/5"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-2142",
    "datePublished": "2020-01-09T20:42:47",
    "dateReserved": "2012-04-04T00:00:00",
    "dateUpdated": "2024-08-06T19:26:08.483Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0755 (GCVE-0-2009-0755)
Vulnerability from cvelistv5
Published
2009-03-03 16:00
Modified
2024-08-07 04:48
Severity ?
CWE
  • n/a
Summary
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.
References
http://www.securityfocus.com/bid/33749 vdb-entry, x_refsource_BID
http://www.debian.org/security/2009/dsa-1941 vendor-advisory, x_refsource_DEBIAN
http://lists.freedesktop.org/archives/poppler/2009-January/004406.html mailing-list, x_refsource_MLIST
http://secunia.com/advisories/33853 third-party-advisory, x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2009/02/19/2 mailing-list, x_refsource_MLIST
http://secunia.com/advisories/37114 third-party-advisory, x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2009/02/13/1 mailing-list, x_refsource_MLIST
http://wiki.rpath.com/Advisories:rPSA-2009-0059 x_refsource_CONFIRM
http://bugs.freedesktop.org/show_bug.cgi?id=19790 x_refsource_CONFIRM
http://secunia.com/advisories/35685 third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-850-1 vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/archive/1/502761/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html vendor-advisory, x_refsource_SUSE
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:48:51.910Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33749",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33749"
          },
          {
            "name": "DSA-1941",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1941"
          },
          {
            "name": "[poppler] 20090128 poppler/Form.cc",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html"
          },
          {
            "name": "33853",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33853"
          },
          {
            "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2"
          },
          {
            "name": "37114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37114"
          },
          {
            "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "USN-850-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-1"
          },
          {
            "name": "20090417 rPSA-2009-0059-1 poppler",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "33749",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33749"
        },
        {
          "name": "DSA-1941",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1941"
        },
        {
          "name": "[poppler] 20090128 poppler/Form.cc",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html"
        },
        {
          "name": "33853",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33853"
        },
        {
          "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2"
        },
        {
          "name": "37114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37114"
        },
        {
          "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "USN-850-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-1"
        },
        {
          "name": "20090417 rPSA-2009-0059-1 poppler",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0755",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33749",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33749"
            },
            {
              "name": "DSA-1941",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1941"
            },
            {
              "name": "[poppler] 20090128 poppler/Form.cc",
              "refsource": "MLIST",
              "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html"
            },
            {
              "name": "33853",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33853"
            },
            {
              "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2"
            },
            {
              "name": "37114",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37114"
            },
            {
              "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1"
            },
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0059",
              "refsource": "CONFIRM",
              "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
            },
            {
              "name": "http://bugs.freedesktop.org/show_bug.cgi?id=19790",
              "refsource": "CONFIRM",
              "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790"
            },
            {
              "name": "35685",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35685"
            },
            {
              "name": "USN-850-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-850-1"
            },
            {
              "name": "20090417 rPSA-2009-0059-1 poppler",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
            },
            {
              "name": "SUSE-SR:2009:012",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0755",
    "datePublished": "2009-03-03T16:00:00",
    "dateReserved": "2009-03-03T00:00:00",
    "dateUpdated": "2024-08-07T04:48:51.910Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-4653 (GCVE-0-2010-4653)
Vulnerability from cvelistv5
Published
2019-11-13 19:12
Modified
2024-08-07 03:51
Severity ?
CWE
  • Integer Overflow
Summary
An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.
Impacted products
Vendor Product Version
poppler poppler Version: before 0.16.3
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:51:17.954Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2010-4653"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2010-4653"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/45948"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "poppler",
          "vendor": "poppler",
          "versions": [
            {
              "status": "affected",
              "version": "before 0.16.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Integer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-13T19:12:53",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2010-4653"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/cve/cve-2010-4653"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityfocus.com/bid/45948"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-4653",
    "datePublished": "2019-11-13T19:12:53",
    "dateReserved": "2011-01-03T00:00:00",
    "dateUpdated": "2024-08-07T03:51:17.954Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1188 (GCVE-0-2009-1188)
Vulnerability from cvelistv5
Published
2009-04-23 19:11
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
References
http://secunia.com/advisories/39938 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/37028 third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html vendor-advisory, x_refsource_FEDORA
http://bugs.gentoo.org/show_bug.cgi?id=263028#c16 x_refsource_CONFIRM
https://rhn.redhat.com/errata/RHSA-2009-1501.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/37079 third-party-advisory, x_refsource_SECUNIA
https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875 x_refsource_CONFIRM
http://secunia.com/advisories/35064 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2010/dsa-2028 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2010/dsa-2050 vendor-advisory, x_refsource_DEBIAN
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html vendor-advisory, x_refsource_FEDORA
https://rhn.redhat.com/errata/RHSA-2009-1512.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/35618 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37077 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0480.html vendor-advisory, x_refsource_REDHAT
http://poppler.freedesktop.org/releases.html x_refsource_CONFIRM
https://rhn.redhat.com/errata/RHSA-2009-1503.html vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.kb.cert.org/vuls/id/196617 third-party-advisory, x_refsource_CERT-VN
http://secunia.com/advisories/37037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/0802 vdb-entry, x_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2009-1502.html vendor-advisory, x_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/50185 vdb-entry, x_refsource_XF
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html vendor-advisory, x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html vendor-advisory, x_refsource_FEDORA
http://wiki.rpath.com/Advisories:rPSA-2009-0059 x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2009/2928 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2010/1220 vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2009/1076 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/37053 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/502761/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/39327 third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=495907 x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=526915 x_refsource_CONFIRM
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/37043 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34746 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.317Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "39938",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39938"
          },
          {
            "name": "oval:org.mitre.oval:def:9957",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957"
          },
          {
            "name": "37028",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37028"
          },
          {
            "name": "FEDORA-2010-1377",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16"
          },
          {
            "name": "RHSA-2009:1501",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
          },
          {
            "name": "37079",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37079"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875"
          },
          {
            "name": "35064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35064"
          },
          {
            "name": "DSA-2028",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2028"
          },
          {
            "name": "DSA-2050",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2050"
          },
          {
            "name": "FEDORA-2010-1805",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
          },
          {
            "name": "RHSA-2009:1512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
          },
          {
            "name": "FEDORA-2009-6972",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
          },
          {
            "name": "35618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35618"
          },
          {
            "name": "37077",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37077"
          },
          {
            "name": "RHSA-2009:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/releases.html"
          },
          {
            "name": "RHSA-2009:1503",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "VU#196617",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/196617"
          },
          {
            "name": "37037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37037"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "ADV-2010-0802",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0802"
          },
          {
            "name": "RHSA-2009:1502",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
          },
          {
            "name": "poppler-jbig2-splashbitmap-code-execution(50185)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185"
          },
          {
            "name": "FEDORA-2009-6982",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
          },
          {
            "name": "FEDORA-2010-1842",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
          },
          {
            "name": "ADV-2009-2928",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2928"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "ADV-2010-1220",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1220"
          },
          {
            "name": "ADV-2009-1076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1076"
          },
          {
            "name": "37053",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37053"
          },
          {
            "name": "20090417 rPSA-2009-0059-1 poppler",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
          },
          {
            "name": "39327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39327"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
          },
          {
            "name": "FEDORA-2009-6973",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
          },
          {
            "name": "37043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37043"
          },
          {
            "name": "34746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34746"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "39938",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39938"
        },
        {
          "name": "oval:org.mitre.oval:def:9957",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957"
        },
        {
          "name": "37028",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37028"
        },
        {
          "name": "FEDORA-2010-1377",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16"
        },
        {
          "name": "RHSA-2009:1501",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
        },
        {
          "name": "37079",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37079"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875"
        },
        {
          "name": "35064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35064"
        },
        {
          "name": "DSA-2028",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2028"
        },
        {
          "name": "DSA-2050",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2050"
        },
        {
          "name": "FEDORA-2010-1805",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
        },
        {
          "name": "RHSA-2009:1512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
        },
        {
          "name": "FEDORA-2009-6972",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
        },
        {
          "name": "35618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35618"
        },
        {
          "name": "37077",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37077"
        },
        {
          "name": "RHSA-2009:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/releases.html"
        },
        {
          "name": "RHSA-2009:1503",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "VU#196617",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/196617"
        },
        {
          "name": "37037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37037"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "ADV-2010-0802",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0802"
        },
        {
          "name": "RHSA-2009:1502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
        },
        {
          "name": "poppler-jbig2-splashbitmap-code-execution(50185)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185"
        },
        {
          "name": "FEDORA-2009-6982",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
        },
        {
          "name": "FEDORA-2010-1842",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
        },
        {
          "name": "ADV-2009-2928",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2928"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "ADV-2010-1220",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1220"
        },
        {
          "name": "ADV-2009-1076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1076"
        },
        {
          "name": "37053",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37053"
        },
        {
          "name": "20090417 rPSA-2009-0059-1 poppler",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
        },
        {
          "name": "39327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39327"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915"
        },
        {
          "name": "FEDORA-2009-6973",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
        },
        {
          "name": "37043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37043"
        },
        {
          "name": "34746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34746"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-1188",
    "datePublished": "2009-04-23T19:11:00",
    "dateReserved": "2009-03-31T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.317Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1183 (GCVE-0-2009-1183)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
References
http://www.debian.org/security/2009/dsa-1793 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/34963 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1790 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/35037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1077 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/35064 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1066 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34481 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 vendor-advisory, x_refsource_SLACKWARE
http://www.securitytracker.com/id?1022072 vdb-entry, x_refsource_SECTRACK
http://www.redhat.com/support/errata/RHSA-2009-0431.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/1065 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2009-0430.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html vendor-advisory, x_refsource_FEDORA
https://bugzilla.redhat.com/show_bug.cgi?id=495899 x_refsource_CONFIRM
http://secunia.com/advisories/35618 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/35065 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0480.html vendor-advisory, x_refsource_REDHAT
http://poppler.freedesktop.org/releases.html x_refsource_CONFIRM
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.kb.cert.org/vuls/id/196617 third-party-advisory, x_refsource_CERT-VN
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html vendor-advisory, x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2009-0458.html vendor-advisory, x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769 vdb-entry, signature, x_refsource_OVAL
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34991 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/35685 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1076 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34756 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34291 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34755 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34852 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html vendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34959 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34746 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0429.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.221Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1793",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1793"
          },
          {
            "name": "34963",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34963"
          },
          {
            "name": "DSA-1790",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1790"
          },
          {
            "name": "35037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35037"
          },
          {
            "name": "ADV-2009-1077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1077"
          },
          {
            "name": "35064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35064"
          },
          {
            "name": "ADV-2009-1066",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1066"
          },
          {
            "name": "34481",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34481"
          },
          {
            "name": "SSA:2009-129-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
          },
          {
            "name": "1022072",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022072"
          },
          {
            "name": "RHSA-2009:0431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
          },
          {
            "name": "ADV-2009-1065",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1065"
          },
          {
            "name": "RHSA-2009:0430",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
          },
          {
            "name": "FEDORA-2009-6972",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899"
          },
          {
            "name": "35618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35618"
          },
          {
            "name": "35065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35065"
          },
          {
            "name": "RHSA-2009:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/releases.html"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "VU#196617",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/196617"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "SUSE-SA:2009:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
          },
          {
            "name": "RHSA-2009:0458",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
          },
          {
            "name": "oval:org.mitre.oval:def:10769",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769"
          },
          {
            "name": "FEDORA-2009-6982",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
          },
          {
            "name": "34991",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34991"
          },
          {
            "name": "MDVSA-2009:101",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "SUSE-SR:2009:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "ADV-2009-1076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1076"
          },
          {
            "name": "34756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34756"
          },
          {
            "name": "34291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34291"
          },
          {
            "name": "34755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34755"
          },
          {
            "name": "34852",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34852"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "FEDORA-2009-6973",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
          },
          {
            "name": "34959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34959"
          },
          {
            "name": "34746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34746"
          },
          {
            "name": "RHSA-2009:0429",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-1793",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1793"
        },
        {
          "name": "34963",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34963"
        },
        {
          "name": "DSA-1790",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1790"
        },
        {
          "name": "35037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35037"
        },
        {
          "name": "ADV-2009-1077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1077"
        },
        {
          "name": "35064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35064"
        },
        {
          "name": "ADV-2009-1066",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1066"
        },
        {
          "name": "34481",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34481"
        },
        {
          "name": "SSA:2009-129-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
        },
        {
          "name": "1022072",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022072"
        },
        {
          "name": "RHSA-2009:0431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
        },
        {
          "name": "ADV-2009-1065",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1065"
        },
        {
          "name": "RHSA-2009:0430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
        },
        {
          "name": "FEDORA-2009-6972",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899"
        },
        {
          "name": "35618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35618"
        },
        {
          "name": "35065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35065"
        },
        {
          "name": "RHSA-2009:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/releases.html"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "VU#196617",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/196617"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "SUSE-SA:2009:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
        },
        {
          "name": "RHSA-2009:0458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
        },
        {
          "name": "oval:org.mitre.oval:def:10769",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769"
        },
        {
          "name": "FEDORA-2009-6982",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
        },
        {
          "name": "34991",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34991"
        },
        {
          "name": "MDVSA-2009:101",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "SUSE-SR:2009:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "ADV-2009-1076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1076"
        },
        {
          "name": "34756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34756"
        },
        {
          "name": "34291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34291"
        },
        {
          "name": "34755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34755"
        },
        {
          "name": "34852",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34852"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "name": "FEDORA-2009-6973",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
        },
        {
          "name": "34959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34959"
        },
        {
          "name": "34746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34746"
        },
        {
          "name": "RHSA-2009:0429",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-1183",
    "datePublished": "2009-04-23T17:00:00",
    "dateReserved": "2009-03-31T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.221Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1179 (GCVE-0-2009-1179)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
References
http://www.debian.org/security/2009/dsa-1793 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/34963 third-party-advisory, x_refsource_SECUNIA
http://support.apple.com/kb/HT3639 x_refsource_CONFIRM
http://www.debian.org/security/2009/dsa-1790 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/35037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1077 vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2009/1621 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/35064 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1066 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34481 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 vendor-advisory, x_refsource_SLACKWARE
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html vendor-advisory, x_refsource_APPLE
http://www.redhat.com/support/errata/RHSA-2009-0431.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/1065 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2009-0430.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/1522 vdb-entry, x_refsource_VUPEN
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/35618 third-party-advisory, x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html vendor-advisory, x_refsource_APPLE
http://secunia.com/advisories/35065 third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=495889 x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2009-0480.html vendor-advisory, x_refsource_REDHAT
http://poppler.freedesktop.org/releases.html x_refsource_CONFIRM
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.kb.cert.org/vuls/id/196617 third-party-advisory, x_refsource_CERT-VN
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html vendor-advisory, x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2009-0458.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34991 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/35379 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/35685 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1076 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34756 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34291 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34755 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34852 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html vendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34959 third-party-advisory, x_refsource_SECUNIA
http://support.apple.com/kb/HT3613 x_refsource_CONFIRM
http://secunia.com/advisories/34746 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0429.html vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id?1022073 vdb-entry, x_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892 vdb-entry, signature, x_refsource_OVAL
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.216Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1793",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1793"
          },
          {
            "name": "34963",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34963"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3639"
          },
          {
            "name": "DSA-1790",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1790"
          },
          {
            "name": "35037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35037"
          },
          {
            "name": "ADV-2009-1077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1077"
          },
          {
            "name": "ADV-2009-1621",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1621"
          },
          {
            "name": "35064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35064"
          },
          {
            "name": "ADV-2009-1066",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1066"
          },
          {
            "name": "34481",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34481"
          },
          {
            "name": "SSA:2009-129-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
          },
          {
            "name": "APPLE-SA-2009-06-08-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
          },
          {
            "name": "RHSA-2009:0431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
          },
          {
            "name": "ADV-2009-1065",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1065"
          },
          {
            "name": "RHSA-2009:0430",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
          },
          {
            "name": "ADV-2009-1522",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1522"
          },
          {
            "name": "FEDORA-2009-6972",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
          },
          {
            "name": "35618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35618"
          },
          {
            "name": "APPLE-SA-2009-06-17-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
          },
          {
            "name": "35065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35065"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889"
          },
          {
            "name": "RHSA-2009:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/releases.html"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "VU#196617",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/196617"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "SUSE-SA:2009:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
          },
          {
            "name": "RHSA-2009:0458",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
          },
          {
            "name": "FEDORA-2009-6982",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
          },
          {
            "name": "34991",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34991"
          },
          {
            "name": "35379",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35379"
          },
          {
            "name": "MDVSA-2009:101",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "SUSE-SR:2009:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "ADV-2009-1076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1076"
          },
          {
            "name": "34756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34756"
          },
          {
            "name": "34291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34291"
          },
          {
            "name": "34755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34755"
          },
          {
            "name": "34852",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34852"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "FEDORA-2009-6973",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
          },
          {
            "name": "34959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34959"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3613"
          },
          {
            "name": "34746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34746"
          },
          {
            "name": "RHSA-2009:0429",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
          },
          {
            "name": "1022073",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022073"
          },
          {
            "name": "oval:org.mitre.oval:def:11892",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-1793",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1793"
        },
        {
          "name": "34963",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34963"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3639"
        },
        {
          "name": "DSA-1790",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1790"
        },
        {
          "name": "35037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35037"
        },
        {
          "name": "ADV-2009-1077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1077"
        },
        {
          "name": "ADV-2009-1621",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1621"
        },
        {
          "name": "35064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35064"
        },
        {
          "name": "ADV-2009-1066",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1066"
        },
        {
          "name": "34481",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34481"
        },
        {
          "name": "SSA:2009-129-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
        },
        {
          "name": "APPLE-SA-2009-06-08-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
        },
        {
          "name": "RHSA-2009:0431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
        },
        {
          "name": "ADV-2009-1065",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1065"
        },
        {
          "name": "RHSA-2009:0430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
        },
        {
          "name": "ADV-2009-1522",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1522"
        },
        {
          "name": "FEDORA-2009-6972",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
        },
        {
          "name": "35618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35618"
        },
        {
          "name": "APPLE-SA-2009-06-17-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
        },
        {
          "name": "35065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35065"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889"
        },
        {
          "name": "RHSA-2009:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/releases.html"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "VU#196617",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/196617"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "SUSE-SA:2009:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
        },
        {
          "name": "RHSA-2009:0458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
        },
        {
          "name": "FEDORA-2009-6982",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
        },
        {
          "name": "34991",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34991"
        },
        {
          "name": "35379",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35379"
        },
        {
          "name": "MDVSA-2009:101",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "SUSE-SR:2009:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "ADV-2009-1076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1076"
        },
        {
          "name": "34756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34756"
        },
        {
          "name": "34291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34291"
        },
        {
          "name": "34755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34755"
        },
        {
          "name": "34852",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34852"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "name": "FEDORA-2009-6973",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
        },
        {
          "name": "34959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34959"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3613"
        },
        {
          "name": "34746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34746"
        },
        {
          "name": "RHSA-2009:0429",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
        },
        {
          "name": "1022073",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022073"
        },
        {
          "name": "oval:org.mitre.oval:def:11892",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-1179",
    "datePublished": "2009-04-23T17:00:00",
    "dateReserved": "2009-03-31T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.216Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1187 (GCVE-0-2009-1187)
Vulnerability from cvelistv5
Published
2009-04-23 19:11
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
References
http://bugs.gentoo.org/show_bug.cgi?id=263028#c16 x_refsource_CONFIRM
https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875 x_refsource_CONFIRM
http://secunia.com/advisories/35064 third-party-advisory, x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html vendor-advisory, x_refsource_FEDORA
https://exchange.xforce.ibmcloud.com/vulnerabilities/50184 vdb-entry, x_refsource_XF
http://secunia.com/advisories/35618 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0480.html vendor-advisory, x_refsource_REDHAT
http://poppler.freedesktop.org/releases.html x_refsource_CONFIRM
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.kb.cert.org/vuls/id/196617 third-party-advisory, x_refsource_CERT-VN
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html vendor-advisory, x_refsource_FEDORA
http://wiki.rpath.com/Advisories:rPSA-2009-0059 x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2009/1076 vdb-entry, x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292 vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/archive/1/502761/100/0/threaded mailing-list, x_refsource_BUGTRAQ
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34746 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.269Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875"
          },
          {
            "name": "35064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35064"
          },
          {
            "name": "FEDORA-2009-6972",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
          },
          {
            "name": "poppler-jbig2-cairooutputdev-code-excution(50184)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184"
          },
          {
            "name": "35618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35618"
          },
          {
            "name": "RHSA-2009:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/releases.html"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "VU#196617",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/196617"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "FEDORA-2009-6982",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "ADV-2009-1076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1076"
          },
          {
            "name": "oval:org.mitre.oval:def:10292",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292"
          },
          {
            "name": "20090417 rPSA-2009-0059-1 poppler",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
          },
          {
            "name": "FEDORA-2009-6973",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
          },
          {
            "name": "34746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34746"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875"
        },
        {
          "name": "35064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35064"
        },
        {
          "name": "FEDORA-2009-6972",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
        },
        {
          "name": "poppler-jbig2-cairooutputdev-code-excution(50184)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184"
        },
        {
          "name": "35618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35618"
        },
        {
          "name": "RHSA-2009:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/releases.html"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "VU#196617",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/196617"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "FEDORA-2009-6982",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "ADV-2009-1076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1076"
        },
        {
          "name": "oval:org.mitre.oval:def:10292",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292"
        },
        {
          "name": "20090417 rPSA-2009-0059-1 poppler",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
        },
        {
          "name": "FEDORA-2009-6973",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
        },
        {
          "name": "34746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34746"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-1187",
    "datePublished": "2009-04-23T19:11:00",
    "dateReserved": "2009-03-31T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.269Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0800 (GCVE-0-2009-0800)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:48
Severity ?
CWE
  • n/a
Summary
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
http://www.debian.org/security/2009/dsa-1793 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/34963 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1790 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/35037 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1077 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/35064 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1066 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34481 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 vendor-advisory, x_refsource_SLACKWARE
http://www.redhat.com/support/errata/RHSA-2009-0431.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/1065 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2009-0430.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/35618 third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=495887 x_refsource_CONFIRM
http://secunia.com/advisories/35065 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0480.html vendor-advisory, x_refsource_REDHAT
http://poppler.freedesktop.org/releases.html x_refsource_CONFIRM
http://www.securityfocus.com/bid/34568 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://www.kb.cert.org/vuls/id/196617 third-party-advisory, x_refsource_CERT-VN
http://www.vupen.com/english/advisories/2010/1040 vdb-entry, x_refsource_VUPEN
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html vendor-advisory, x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2009-0458.html vendor-advisory, x_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34991 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/35685 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1076 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34756 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34291 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34755 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/34852 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html vendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/34959 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/34746 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0429.html vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id?1022073 vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:48:52.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1793",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1793"
          },
          {
            "name": "34963",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34963"
          },
          {
            "name": "DSA-1790",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1790"
          },
          {
            "name": "35037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35037"
          },
          {
            "name": "ADV-2009-1077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1077"
          },
          {
            "name": "35064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35064"
          },
          {
            "name": "ADV-2009-1066",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1066"
          },
          {
            "name": "34481",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34481"
          },
          {
            "name": "SSA:2009-129-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
          },
          {
            "name": "RHSA-2009:0431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
          },
          {
            "name": "ADV-2009-1065",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1065"
          },
          {
            "name": "RHSA-2009:0430",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
          },
          {
            "name": "FEDORA-2009-6972",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
          },
          {
            "name": "35618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35618"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887"
          },
          {
            "name": "35065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35065"
          },
          {
            "name": "RHSA-2009:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/releases.html"
          },
          {
            "name": "34568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34568"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "VU#196617",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/196617"
          },
          {
            "name": "ADV-2010-1040",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1040"
          },
          {
            "name": "SUSE-SA:2009:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
          },
          {
            "name": "RHSA-2009:0458",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
          },
          {
            "name": "FEDORA-2009-6982",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
          },
          {
            "name": "34991",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34991"
          },
          {
            "name": "MDVSA-2009:101",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
          },
          {
            "name": "MDVSA-2010:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
          },
          {
            "name": "SUSE-SR:2009:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "ADV-2009-1076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1076"
          },
          {
            "name": "34756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34756"
          },
          {
            "name": "34291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34291"
          },
          {
            "name": "34755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34755"
          },
          {
            "name": "34852",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34852"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "FEDORA-2009-6973",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
          },
          {
            "name": "34959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34959"
          },
          {
            "name": "oval:org.mitre.oval:def:11323",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323"
          },
          {
            "name": "34746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34746"
          },
          {
            "name": "RHSA-2009:0429",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
          },
          {
            "name": "1022073",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022073"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple \"input validation flaws\" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-1793",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1793"
        },
        {
          "name": "34963",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34963"
        },
        {
          "name": "DSA-1790",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1790"
        },
        {
          "name": "35037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35037"
        },
        {
          "name": "ADV-2009-1077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1077"
        },
        {
          "name": "35064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35064"
        },
        {
          "name": "ADV-2009-1066",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1066"
        },
        {
          "name": "34481",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34481"
        },
        {
          "name": "SSA:2009-129-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
        },
        {
          "name": "RHSA-2009:0431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
        },
        {
          "name": "ADV-2009-1065",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1065"
        },
        {
          "name": "RHSA-2009:0430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
        },
        {
          "name": "FEDORA-2009-6972",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
        },
        {
          "name": "35618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35618"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887"
        },
        {
          "name": "35065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35065"
        },
        {
          "name": "RHSA-2009:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/releases.html"
        },
        {
          "name": "34568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34568"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "VU#196617",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/196617"
        },
        {
          "name": "ADV-2010-1040",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1040"
        },
        {
          "name": "SUSE-SA:2009:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
        },
        {
          "name": "RHSA-2009:0458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
        },
        {
          "name": "FEDORA-2009-6982",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
        },
        {
          "name": "34991",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34991"
        },
        {
          "name": "MDVSA-2009:101",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
        },
        {
          "name": "MDVSA-2010:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
        },
        {
          "name": "SUSE-SR:2009:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "ADV-2009-1076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1076"
        },
        {
          "name": "34756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34756"
        },
        {
          "name": "34291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34291"
        },
        {
          "name": "34755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34755"
        },
        {
          "name": "34852",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34852"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "name": "FEDORA-2009-6973",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
        },
        {
          "name": "34959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34959"
        },
        {
          "name": "oval:org.mitre.oval:def:11323",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323"
        },
        {
          "name": "34746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34746"
        },
        {
          "name": "RHSA-2009:0429",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
        },
        {
          "name": "1022073",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022073"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-0800",
    "datePublished": "2009-04-23T17:00:00",
    "dateReserved": "2009-03-04T00:00:00",
    "dateUpdated": "2024-08-07T04:48:52.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3608 (GCVE-0-2009-3608)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
CWE
  • n/a
Summary
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
References
http://secunia.com/advisories/39938 third-party-advisory, x_refsource_SECUNIA
https://rhn.redhat.com/errata/RHSA-2009-1504.html vendor-advisory, x_refsource_REDHAT
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch x_refsource_CONFIRM
http://www.debian.org/security/2009/dsa-1941 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDVSA-2009:287 vendor-advisory, x_refsource_MANDRIVA
https://bugzilla.redhat.com/show_bug.cgi?id=526637 x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2009/12/01/6 mailing-list, x_refsource_MLIST
http://secunia.com/advisories/37028 third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html vendor-advisory, x_refsource_FEDORA
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html vendor-advisory, x_refsource_FEDORA
http://poppler.freedesktop.org/ x_refsource_CONFIRM
https://rhn.redhat.com/errata/RHSA-2009-1501.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/37079 third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2010/dsa-2028 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2010/dsa-2050 vendor-advisory, x_refsource_DEBIAN
http://www.openwall.com/lists/oss-security/2009/12/01/1 mailing-list, x_refsource_MLIST
http://secunia.com/advisories/37159 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37054 third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html vendor-advisory, x_refsource_FEDORA
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1 vendor-advisory, x_refsource_SUNALERT
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html vendor-advisory, x_refsource_FEDORA
https://rhn.redhat.com/errata/RHSA-2009-1512.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/37114 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37077 third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1023029 vdb-entry, x_refsource_SECTRACK
https://rhn.redhat.com/errata/RHSA-2009-1503.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2009/2926 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/37037 third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-850-3 vendor-advisory, x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2010/0802 vdb-entry, x_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2009-1502.html vendor-advisory, x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html vendor-advisory, x_refsource_FEDORA
https://exchange.xforce.ibmcloud.com/vulnerabilities/53794 vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2009/2928 vdb-entry, x_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2009-1513.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/37034 third-party-advisory, x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2009/12/01/5 mailing-list, x_refsource_MLIST
http://www.vupen.com/english/advisories/2009/2924 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/37051 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1 vendor-advisory, x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2010/1220 vdb-entry, x_refsource_VUPEN
http://www.ubuntu.com/usn/USN-850-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/37053 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37061 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/39327 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37043 third-party-advisory, x_refsource_SECUNIA
http://www.ocert.org/advisories/ocert-2009-016.html x_refsource_MISC
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536 vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/bid/36703 vdb-entry, x_refsource_BID
http://www.vupen.com/english/advisories/2009/2925 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDVSA-2009:334 vendor-advisory, x_refsource_MANDRIVA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.520Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "39938",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39938"
          },
          {
            "name": "RHSA-2009:1504",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
          },
          {
            "name": "DSA-1941",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1941"
          },
          {
            "name": "MDVSA-2009:287",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637"
          },
          {
            "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
          },
          {
            "name": "37028",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37028"
          },
          {
            "name": "FEDORA-2010-1377",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
          },
          {
            "name": "FEDORA-2009-10823",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://poppler.freedesktop.org/"
          },
          {
            "name": "RHSA-2009:1501",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
          },
          {
            "name": "37079",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37079"
          },
          {
            "name": "SUSE-SR:2009:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
          },
          {
            "name": "DSA-2028",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2028"
          },
          {
            "name": "DSA-2050",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2050"
          },
          {
            "name": "[oss-security] 20091130 Need more information on recent poppler issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
          },
          {
            "name": "37159",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37159"
          },
          {
            "name": "37054",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37054"
          },
          {
            "name": "FEDORA-2010-1805",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
          },
          {
            "name": "1021706",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
          },
          {
            "name": "FEDORA-2009-10845",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
          },
          {
            "name": "RHSA-2009:1512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
          },
          {
            "name": "37114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37114"
          },
          {
            "name": "37077",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37077"
          },
          {
            "name": "1023029",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023029"
          },
          {
            "name": "RHSA-2009:1503",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
          },
          {
            "name": "ADV-2009-2926",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2926"
          },
          {
            "name": "MDVSA-2011:175",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
          },
          {
            "name": "37037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37037"
          },
          {
            "name": "USN-850-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-3"
          },
          {
            "name": "ADV-2010-0802",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0802"
          },
          {
            "name": "RHSA-2009:1502",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
          },
          {
            "name": "FEDORA-2010-1842",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
          },
          {
            "name": "xpdf-objectstream-bo(53794)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53794"
          },
          {
            "name": "ADV-2009-2928",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2928"
          },
          {
            "name": "RHSA-2009:1513",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html"
          },
          {
            "name": "37034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37034"
          },
          {
            "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
          },
          {
            "name": "ADV-2009-2924",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2924"
          },
          {
            "name": "37051",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37051"
          },
          {
            "name": "274030",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
          },
          {
            "name": "ADV-2010-1220",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1220"
          },
          {
            "name": "USN-850-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-850-1"
          },
          {
            "name": "37053",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37053"
          },
          {
            "name": "37061",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37061"
          },
          {
            "name": "39327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39327"
          },
          {
            "name": "37043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37043"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ocert.org/advisories/ocert-2009-016.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9536",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536"
          },
          {
            "name": "36703",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36703"
          },
          {
            "name": "ADV-2009-2925",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2925"
          },
          {
            "name": "MDVSA-2009:334",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "39938",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39938"
        },
        {
          "name": "RHSA-2009:1504",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
        },
        {
          "name": "DSA-1941",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1941"
        },
        {
          "name": "MDVSA-2009:287",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637"
        },
        {
          "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
        },
        {
          "name": "37028",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37028"
        },
        {
          "name": "FEDORA-2010-1377",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
        },
        {
          "name": "FEDORA-2009-10823",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://poppler.freedesktop.org/"
        },
        {
          "name": "RHSA-2009:1501",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
        },
        {
          "name": "37079",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37079"
        },
        {
          "name": "SUSE-SR:2009:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
        },
        {
          "name": "DSA-2028",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2028"
        },
        {
          "name": "DSA-2050",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2050"
        },
        {
          "name": "[oss-security] 20091130 Need more information on recent poppler issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
        },
        {
          "name": "37159",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37159"
        },
        {
          "name": "37054",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37054"
        },
        {
          "name": "FEDORA-2010-1805",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
        },
        {
          "name": "1021706",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
        },
        {
          "name": "FEDORA-2009-10845",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
        },
        {
          "name": "RHSA-2009:1512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
        },
        {
          "name": "37114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37114"
        },
        {
          "name": "37077",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37077"
        },
        {
          "name": "1023029",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023029"
        },
        {
          "name": "RHSA-2009:1503",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
        },
        {
          "name": "ADV-2009-2926",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2926"
        },
        {
          "name": "MDVSA-2011:175",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
        },
        {
          "name": "37037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37037"
        },
        {
          "name": "USN-850-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-3"
        },
        {
          "name": "ADV-2010-0802",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0802"
        },
        {
          "name": "RHSA-2009:1502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
        },
        {
          "name": "FEDORA-2010-1842",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
        },
        {
          "name": "xpdf-objectstream-bo(53794)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53794"
        },
        {
          "name": "ADV-2009-2928",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2928"
        },
        {
          "name": "RHSA-2009:1513",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html"
        },
        {
          "name": "37034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37034"
        },
        {
          "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
        },
        {
          "name": "ADV-2009-2924",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2924"
        },
        {
          "name": "37051",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37051"
        },
        {
          "name": "274030",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
        },
        {
          "name": "ADV-2010-1220",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1220"
        },
        {
          "name": "USN-850-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-850-1"
        },
        {
          "name": "37053",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37053"
        },
        {
          "name": "37061",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37061"
        },
        {
          "name": "39327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39327"
        },
        {
          "name": "37043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37043"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ocert.org/advisories/ocert-2009-016.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9536",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536"
        },
        {
          "name": "36703",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36703"
        },
        {
          "name": "ADV-2009-2925",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2925"
        },
        {
          "name": "MDVSA-2009:334",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-3608",
    "datePublished": "2009-10-21T17:00:00",
    "dateReserved": "2009-10-09T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-2818 (GCVE-0-2017-2818)
Vulnerability from cvelistv5
Published
2017-07-12 17:00
Modified
2024-09-17 04:29
CWE
  • heap overflow
Summary
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
References
Impacted products
Vendor Product Version
Poppler Poppler Version: 0.53.0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.753Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99497",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99497"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Poppler",
          "vendor": "Poppler",
          "versions": [
            {
              "status": "affected",
              "version": "0.53.0"
            }
          ]
        }
      ],
      "datePublic": "2017-07-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "heap overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T18:22:47",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "99497",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99497"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "DATE_PUBLIC": "2017-07-11T00:00:00",
          "ID": "CVE-2017-2818",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Poppler",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.53.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Poppler"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 7.5,
            "baseSeverity": "High",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "heap overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99497",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99497"
            },
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319",
              "refsource": "MISC",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2017-2818",
    "datePublished": "2017-07-12T17:00:00Z",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-09-17T04:29:31.861Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}