Vulnerabilites related to poppler - poppler
Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "C16CA37E-F28E-47E6-B77B-4CB0A859F831", "versionEndIncluding": "0.12.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188." }, { "lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n SplashBitmap::SplashBitmap en Xpdf v3.x anterior a v3.02pl4 y Poppler anteior a v0.12.1, podr\u00eda permitir a atacantes remotos la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado que provoca un un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap). NOTA: algunos detalles han sido obtenidos a partir de informaci\u00f3n de terceros. Esta vulnerabilidad existe por un correcci\u00f3n incompleta de CVE-2009-1188." } ], "id": "CVE-2009-3603", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-10-21T17:30:00.280", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37034" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37053" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37054" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37114" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37159" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39327" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39938" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1023029" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/36703" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37034" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37114" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37159" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39327" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023029" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/36703" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489", "versionEndIncluding": "1.3.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*", "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data." }, { "lang": "es", "value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado que desencadena una liberaci\u00f3n de datos no v\u00e1lidos." } ], "id": "CVE-2009-1180", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-04-23T17:30:01.767", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/34568" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1022073" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnome:gpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4A9A98B-5E37-4938-9506-927E0C8FACB8", "vulnerable": false }, { "criteria": "cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "41EF2714-DEC9-407F-9D1B-EF2A4D8B4DC3", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow." }, { "lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n Splash.cc en Xpdf v3.02pl4 y Poppler v0.x, usado en n kdegraphics KPDF y GPdf, no asigna la memoria adecuadamente, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) y probablemente, la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado que provoca un deferencia a puntero nulo o un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap)." } ], "id": "CVE-2009-3604", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-10-21T17:30:00.313", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "source": "secalert@redhat.com", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2" }, { "source": "secalert@redhat.com", "url": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996\u0026id2=75c3466ba2" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37023" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37028" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37042" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37043" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37053" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37077" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37079" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37114" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37159" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39327" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39938" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1023029" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://site.pi3.com.pl/adv/xpdf.txt" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/36703" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996\u0026id2=75c3466ba2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37079" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37114" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37159" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39327" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023029" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://site.pi3.com.pl/adv/xpdf.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/36703" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-07-07 23:41
Modified
2025-04-09 00:30
Severity ?
Summary
The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "5739C603-4976-48C9-B28F-9E3FD9D3E2A9", "versionEndIncluding": "0.8.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document." }, { "lang": "es", "value": "El destructor Page de Page.cc en libpoppler de Poppler 0.8.4 y anteriores, elimina el objeto pageWidgets incluso si \u00e9ste no ha sido iniciado por un constructor Page, esto permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un documento PDF manipulado." } ], "id": "CVE-2008-2950", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-07-07T23:41:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30963" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31002" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31167" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31267" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31405" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3977" }, { "source": "cve@mitre.org", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146" }, { "source": "cve@mitre.org", "url": "http://www.ocert.org/advisories/ocert-2008-007.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/30107" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020435" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-631-1" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2024/references" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619" }, { "source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/6032" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31002" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31167" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31267" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31405" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3977" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ocert.org/advisories/ocert-2008-007.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/30107" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1020435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-631-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2024/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/6032" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Not vulnerable. This issue did not affect the versions of poppler as shipped with Red Hat Enterprise Linux 5, or other PDF parsing applications derived from the xpdf code as shipped in Red Hat Enterprise Linux 2.1, 3, 4, or 5.", "lastModified": "2008-07-08T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489", "versionEndIncluding": "1.3.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*", "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory." }, { "lang": "es", "value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, y otros productos permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado que desencadena una liberaci\u00f3n de memoria no inicializada." } ], "id": "CVE-2009-0166", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-04-23T17:30:01.610", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200904-20.xml" }, { "source": "cve@mitre.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "cve@mitre.org", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/34568" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1022073" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200904-20.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-03-03 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
poppler | poppler | * | |
poppler | poppler | 0.1 | |
poppler | poppler | 0.1.1 | |
poppler | poppler | 0.1.2 | |
poppler | poppler | 0.2.0 | |
poppler | poppler | 0.3.0 | |
poppler | poppler | 0.3.1 | |
poppler | poppler | 0.3.2 | |
poppler | poppler | 0.3.3 | |
poppler | poppler | 0.4.0 | |
poppler | poppler | 0.4.1 | |
poppler | poppler | 0.4.2 | |
poppler | poppler | 0.4.3 | |
poppler | poppler | 0.4.4 | |
poppler | poppler | 0.5.0 | |
poppler | poppler | 0.5.1 | |
poppler | poppler | 0.5.2 | |
poppler | poppler | 0.5.3 | |
poppler | poppler | 0.5.4 | |
poppler | poppler | 0.5.9 | |
poppler | poppler | 0.5.90 | |
poppler | poppler | 0.5.91 | |
poppler | poppler | 0.6.0 | |
poppler | poppler | 0.6.1 | |
poppler | poppler | 0.6.2 | |
poppler | poppler | 0.6.3 | |
poppler | poppler | 0.6.4 | |
poppler | poppler | 0.7.0 | |
poppler | poppler | 0.7.1 | |
poppler | poppler | 0.7.2 | |
poppler | poppler | 0.7.3 | |
poppler | poppler | 0.8.4 | |
poppler | poppler | 0.10.1 | |
poppler | poppler | 0.10.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "D94A745A-9BB3-4EE9-AC87-CACA64FB5C81", "versionEndIncluding": "0.10.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry." }, { "lang": "es", "value": "La funcion FormWidgetChoice::loadDefaults en Poppler anteriores v0.10.4 permite a atacantes remotos producir una denegacion de servicio (caida) a traves de un fichero PDF con una entrada \"Form Opt\" incorrecta." } ], "id": "CVE-2009-0755", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-03-03T16:30:05.250", "references": [ { "source": "cve@mitre.org", "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33853" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/35685" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/37114" }, { "source": "cve@mitre.org", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/33749" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33853" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37114" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/33749" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-1" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Not vulnerable. This issue did not affect the versions of poppler, xpdf, gpdf and kdegraphics as shipped with Red Hat Enterprise Linux 3, 4, or 5.", "lastModified": "2009-07-15T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "41EF2714-DEC9-407F-9D1B-EF2A4D8B4DC3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow." }, { "lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n PSOutputDev::doImageL1Sep en Xpdf v3.02pl4 y Poppler v0.x, usado en n kdegraphics KPDF, podr\u00eda permitir a atacantes remotos la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap)." } ], "id": "CVE-2009-3606", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-10-21T17:30:00.343", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "source": "secalert@redhat.com", "url": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37023" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37042" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37043" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37053" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37077" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37159" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39327" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39938" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1023029" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/36703" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37159" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39327" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1023029" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/36703" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-04-18 15:05
Modified
2025-04-09 00:30
Severity ?
Summary
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
poppler | poppler | * | |
poppler | poppler | 0.1 | |
poppler | poppler | 0.1.1 | |
poppler | poppler | 0.1.2 | |
poppler | poppler | 0.2.0 | |
poppler | poppler | 0.3.0 | |
poppler | poppler | 0.3.1 | |
poppler | poppler | 0.3.2 | |
poppler | poppler | 0.3.3 | |
poppler | poppler | 0.4.0 | |
poppler | poppler | 0.4.1 | |
poppler | poppler | 0.4.2 | |
poppler | poppler | 0.4.3 | |
poppler | poppler | 0.4.4 | |
poppler | poppler | 0.5.0 | |
poppler | poppler | 0.5.1 | |
poppler | poppler | 0.5.2 | |
poppler | poppler | 0.5.3 | |
poppler | poppler | 0.5.4 | |
poppler | poppler | 0.5.9 | |
poppler | poppler | 0.5.91 | |
poppler | poppler | 0.6.0 | |
poppler | poppler | 0.6.1 | |
poppler | poppler | 0.6.2 | |
poppler | poppler | 0.6.3 | |
poppler | poppler | 0.6.4 | |
poppler | poppler | 0.7.0 | |
poppler | poppler | 0.7.1 | |
poppler | poppler | 0.7.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "310194C7-8370-4EB6-B4CF-C8EE2A8E55DF", "versionEndIncluding": "0.7.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object." }, { "lang": "es", "value": "La funci\u00f3n CairoFont::create en CairoFontEngine.cc de Poppler, posiblemente anterior a 0.8.0, como se usa en Xpdf, Evince, ePDFview, KWord y otras aplicaciones, no maneja correctamente fuentes embebidas en archivos PDF, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un objeto fuente manipulado, relacionado con referenciar un puntero de una funci\u00f3n asociado con el tipo de este objeto fuente." } ], "id": "CVE-2008-1693", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-04-18T15:05:00.000", "references": [ { "source": "security@ubuntu.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/29816" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/29834" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/29836" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/29851" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/29853" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/29868" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/29869" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/29884" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/29885" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/30019" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/30033" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/30717" }, { "source": "security@ubuntu.com", "url": "http://secunia.com/advisories/31035" }, { "source": "security@ubuntu.com", "url": "http://security.gentoo.org/glsa/glsa-200804-18.xml" }, { "source": "security@ubuntu.com", "url": "http://securitytracker.com/id?1019893" }, { "source": "security@ubuntu.com", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2008/dsa-1548" }, { "source": "security@ubuntu.com", "url": "http://www.debian.org/security/2008/dsa-1606" }, { "source": "security@ubuntu.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:089" }, { "source": "security@ubuntu.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:173" }, { "source": "security@ubuntu.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:197" }, { "source": "security@ubuntu.com", "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html" }, { "source": "security@ubuntu.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0238.html" }, { "source": "security@ubuntu.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0239.html" }, { "source": "security@ubuntu.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0240.html" }, { "source": "security@ubuntu.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0262.html" }, { "source": "security@ubuntu.com", "url": "http://www.securityfocus.com/bid/28830" }, { "source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/usn-603-1" }, { "source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/usn-603-2" }, { "source": "security@ubuntu.com", "url": "http://www.vupen.com/english/advisories/2008/1265/references" }, { "source": "security@ubuntu.com", "url": "http://www.vupen.com/english/advisories/2008/1266/references" }, { "source": "security@ubuntu.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41884" }, { "source": "security@ubuntu.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226" }, { "source": "security@ubuntu.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29816" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29834" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29836" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29851" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29853" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29868" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29869" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29884" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29885" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30717" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31035" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200804-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1019893" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2008/dsa-1548" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1606" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:089" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:173" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:197" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0238.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0239.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0240.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0262.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/28830" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-603-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-603-2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1265/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1266/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41884" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html" } ], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-03-03 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
poppler | poppler | * | |
poppler | poppler | 0.1 | |
poppler | poppler | 0.1.1 | |
poppler | poppler | 0.1.2 | |
poppler | poppler | 0.2.0 | |
poppler | poppler | 0.3.0 | |
poppler | poppler | 0.3.1 | |
poppler | poppler | 0.3.2 | |
poppler | poppler | 0.3.3 | |
poppler | poppler | 0.4.0 | |
poppler | poppler | 0.4.1 | |
poppler | poppler | 0.4.2 | |
poppler | poppler | 0.4.3 | |
poppler | poppler | 0.4.4 | |
poppler | poppler | 0.5.0 | |
poppler | poppler | 0.5.1 | |
poppler | poppler | 0.5.2 | |
poppler | poppler | 0.5.3 | |
poppler | poppler | 0.5.4 | |
poppler | poppler | 0.5.9 | |
poppler | poppler | 0.5.90 | |
poppler | poppler | 0.5.91 | |
poppler | poppler | 0.6.0 | |
poppler | poppler | 0.6.1 | |
poppler | poppler | 0.6.2 | |
poppler | poppler | 0.6.3 | |
poppler | poppler | 0.6.4 | |
poppler | poppler | 0.7.0 | |
poppler | poppler | 0.7.1 | |
poppler | poppler | 0.7.2 | |
poppler | poppler | 0.7.3 | |
poppler | poppler | 0.8.4 | |
poppler | poppler | 0.10.1 | |
poppler | poppler | 0.10.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "D94A745A-9BB3-4EE9-AC87-CACA64FB5C81", "versionEndIncluding": "0.10.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference." }, { "lang": "es", "value": "La funci\u00f3n JBIG2Stream::readSymbolDictSeg en Poppler anteriores a v0.10.4 permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un fichero PDF que dispara un error de parseo, lo cual no adecuadamente manejado por JBIG2SymbolDict::~JBIG2SymbolDict y produce una desreferencia de memoria incorrecta." } ], "id": "CVE-2009-0756", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-03-03T16:30:05.267", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33853" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/35685" }, { "source": "cve@mitre.org", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/33749" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33853" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/33749" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "This issue is a duplicate of CVE-2009-0166, which was addressed in affected products via following updates: https://rhn.redhat.com/errata/CVE-2009-0166.html", "lastModified": "2009-07-15T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489", "versionEndIncluding": "1.3.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*", "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read." }, { "lang": "es", "value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado que desencadena una vulnerabilidad de lectura fuera de l\u00edmites." } ], "id": "CVE-2009-0799", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-04-23T17:30:01.703", "references": [ { "source": "secalert@redhat.com", "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/34568" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1022072" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022072" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489", "versionEndIncluding": "1.3.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*", "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file." }, { "lang": "es", "value": "Desbordamiento de enteros en el decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado." } ], "id": "CVE-2009-1179", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-23T17:30:01.750", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35379" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT3613" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT3639" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1022073" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35379" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3613" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3639" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 19:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document." }, { "lang": "es", "value": "Desbordamiento de entero en la caracter\u00edstica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegaci\u00f3n de servicio (caida) y posiblemente ejecutar c\u00f3digo a trav\u00e9s de vectores relacionados con SplashBitmap (splash/SplashBitmap.cc)." } ], "id": "CVE-2009-1188", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-23T19:30:00.547", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "secalert@redhat.com", "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/34746" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/35064" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/35618" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37028" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37037" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37043" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37053" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37077" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37079" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39327" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39938" }, { "source": "secalert@redhat.com", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "secalert@redhat.com", "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37079" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39327" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 19:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc)." }, { "lang": "es", "value": "Desbordamiento de entero en la caracter\u00edstica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegaci\u00f3n de servicio (caida) y posiblemente ejecutar c\u00f3digo a trav\u00e9s de vectores relacionados con CairoOutputDev (CairoOutputDev.cc)." } ], "id": "CVE-2009-1187", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-23T19:30:00.530", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16" }, { "source": "secalert@redhat.com", "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/34746" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/35064" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/35618" }, { "source": "secalert@redhat.com", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489", "versionEndIncluding": "1.3.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*", "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference." }, { "lang": "es", "value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado que desencadena una desreferencia de puntero NULL." } ], "id": "CVE-2009-1181", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-23T17:30:01.780", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/34568" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1022072" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022072" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows." } ], "id": "CVE-2005-3624", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference." } ], "id": "CVE-2005-3626", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-11-05 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
poppler | poppler | 0.8.7 | |
poppler | poppler | 0.9.0 | |
poppler | poppler | 0.9.1 | |
poppler | poppler | 0.9.2 | |
poppler | poppler | 0.9.3 | |
poppler | poppler | 0.10.0 | |
poppler | poppler | 0.10.1 | |
poppler | poppler | 0.10.2 | |
poppler | poppler | 0.10.3 | |
poppler | poppler | 0.10.4 | |
poppler | poppler | 0.10.5 | |
poppler | poppler | 0.10.6 | |
poppler | poppler | 0.10.7 | |
poppler | poppler | 0.11.0 | |
poppler | poppler | 0.11.1 | |
poppler | poppler | 0.11.2 | |
poppler | poppler | 0.11.3 | |
poppler | poppler | 0.12.0 | |
poppler | poppler | 0.12.1 | |
poppler | poppler | 0.12.2 | |
poppler | poppler | 0.12.3 | |
poppler | poppler | 0.12.4 | |
poppler | poppler | 0.13.0 | |
poppler | poppler | 0.13.1 | |
poppler | poppler | 0.13.2 | |
poppler | poppler | 0.13.3 | |
poppler | poppler | 0.13.4 | |
poppler | poppler | 0.14.0 | |
poppler | poppler | 0.14.1 | |
poppler | poppler | 0.14.2 | |
poppler | poppler | 0.14.3 | |
poppler | poppler | 0.14.4 | |
poppler | poppler | 0.14.5 | |
poppler | poppler | 0.15.0 | |
poppler | poppler | 0.15.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "8E25003C-04CE-401F-B012-F2E13DC8E8C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "189FE6D1-C001-4D43-BFD2-B8421C6FAB06", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "CAF3866C-09D2-4564-A7AE-2C49A5E8480C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "A43C280F-A571-4EF9-B301-244B05750933", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "D37AC0D5-6811-4FE2-83BB-FEF44B228645", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2B24274-2F2F-4F3A-8978-390BF69EF0AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "14959178-17D0-4794-867F-AB62501EEF24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*", "matchCriteriaId": "C1129356-C0B0-4130-A1EF-888B02783317", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*", "matchCriteriaId": "2CD0FA23-F797-4FB5-85AD-29AED926E02D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "77B06D79-50AD-49D0-B372-25CA226EEA80", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "A34735C6-2738-4CCC-9322-8F7584AB616D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "339A5BC3-7AED-4912-B6D3-BBD5FBF4AA02", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*", "matchCriteriaId": "325750AA-5E10-457E-88E8-439DFB81FE1E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*", "matchCriteriaId": "235861C5-B126-4A27-A51F-94568DBA5FBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "0EE3D5F0-DA69-453A-9729-03FD1151D94E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*", "matchCriteriaId": "83E52568-A112-4533-9CFA-55D35F40AA9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "38A9C7A2-DAC5-4334-9A88-CF9085A34186", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference." }, { "lang": "es", "value": "La funci\u00f3n PostScriptFunction::PostScriptFunction en poppler/Function.cc en el analizador de PDF de poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, y posiblemente otros, permite provocar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) a atacantes dependientes de contexto a trav\u00e9s de un archivo PDF que desencadena una desreferencia a un puntero no inicializado." } ], "id": "CVE-2010-3703", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-11-05T18:00:25.877", "references": [ { "source": "secalert@redhat.com", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42357" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42357" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489", "versionEndIncluding": "1.3.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*", "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file." }, { "lang": "es", "value": "El decodificador JBIG2 MMR en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito y colgar) por medio de un archivo PDF creado." } ], "id": "CVE-2009-1183", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-23T17:30:01.827", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/34568" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1022072" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022072" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-11-02 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de entero en Poppler v0.10.5 y anteriores permiten a usuarios remotos provocar una denegaci\u00f3n de servicio (caida de la aplicaci\u00f3n) o probablemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero PDF modificado. Relacionado con (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc y (7) SplashOutputDev.cc en poppler/; y (8) SplashBitmap.cc, (9) Splash.cc y (10) SplashFTFont.cc en splash/. NOTA: esta vulnerabilidad se puede sobrelapar con CVE-2009-0791." } ], "id": "CVE-2009-3605", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-11-02T15:30:00.483", "references": [ { "source": "secalert@redhat.com", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5" }, { "source": "secalert@redhat.com", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a" }, { "source": "secalert@redhat.com", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37114" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "secalert@redhat.com", "url": "https://bugs.launchpad.net/bugs/cve/2009-3605" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840" }, { "source": "secalert@redhat.com", "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz" }, { "source": "secalert@redhat.com", "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37114" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.launchpad.net/bugs/cve/2009-3605" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "C16CA37E-F28E-47E6-B77B-4CB0A859F831", "versionEndIncluding": "0.12.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:glyph_and_cog:pdftops:*:*:*:*:*:*:*:*", "matchCriteriaId": "1833267E-3B18-4CF8-B996-6226D5439F5F", "vulnerable": false }, { "criteria": "cpe:2.3:a:gnome:gpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4A9A98B-5E37-4938-9506-927E0C8FACB8", "vulnerable": false }, { "criteria": "cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "41EF2714-DEC9-407F-9D1B-EF2A4D8B4DC3", "vulnerable": false }, { "criteria": "cpe:2.3:a:tetex:tetex:*:*:*:*:*:*:*:*", "matchCriteriaId": "87CCAA71-B817-48A0-81C0-9E4DC4953C9C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow." }, { "lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n ObjectStream::ObjectStream en XRef.cc en Xpdf y Poppler, usado en GPdf, kdegraphics KPDF, y CUPS pdftopf y teTeX, podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap)." } ], "id": "CVE-2009-3608", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-10-21T17:30:00.407", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37028" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37034" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37043" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37051" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37053" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37054" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37061" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37077" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37079" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37114" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37159" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39327" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39938" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1023029" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "url": "http://www.ocert.org/advisories/ocert-2009-016.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/36703" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2926" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53794" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37034" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37079" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37114" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37159" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39327" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1023029" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ocert.org/advisories/ocert-2009-016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/36703" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489", "versionEndIncluding": "1.3.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*", "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file." }, { "lang": "es", "value": "M\u00faltiples desbordamientos del b\u00fafer en el decodificador JBIG2 MMR en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos, permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado." } ], "id": "CVE-2009-1182", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-23T17:30:01.813", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1022073" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-11-13 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en la funci\u00f3n ABWOutputDev::endWord en poppler/ABWOutputDev.cc en Poppler (alias libpoppler) 0.10.6, 0.12.0 y posiblemente otras versiones, tal como se usa en la utilidad Abiword pdftoabw, permite a atacantes remotos asistidos por el usuario provocar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero PDF manipulado." } ], "id": "CVE-2009-3938", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-11-13T16:30:00.297", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37333" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/36976" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3227" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37333" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/36976" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3227" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Not vulnerable. This issue did not affect the versions of poppler as shipped with Red Hat Enterprise Linux 5.\n", "lastModified": "2009-11-23T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 19:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
foolabs | xpdf | 0.5a | |
foolabs | xpdf | 0.7a | |
foolabs | xpdf | 0.91a | |
foolabs | xpdf | 0.91b | |
foolabs | xpdf | 0.91c | |
foolabs | xpdf | 0.92a | |
foolabs | xpdf | 0.92b | |
foolabs | xpdf | 0.92c | |
foolabs | xpdf | 0.92d | |
foolabs | xpdf | 0.92e | |
foolabs | xpdf | 0.93a | |
foolabs | xpdf | 0.93b | |
foolabs | xpdf | 0.93c | |
foolabs | xpdf | 1.00a | |
foolabs | xpdf | 3.0.1 | |
glyphandcog | xpdfreader | * | |
glyphandcog | xpdfreader | 0.2 | |
glyphandcog | xpdfreader | 0.3 | |
glyphandcog | xpdfreader | 0.4 | |
glyphandcog | xpdfreader | 0.5 | |
glyphandcog | xpdfreader | 0.6 | |
glyphandcog | xpdfreader | 0.7 | |
glyphandcog | xpdfreader | 0.80 | |
glyphandcog | xpdfreader | 0.90 | |
glyphandcog | xpdfreader | 0.91 | |
glyphandcog | xpdfreader | 0.92 | |
glyphandcog | xpdfreader | 0.93 | |
glyphandcog | xpdfreader | 1.00 | |
glyphandcog | xpdfreader | 1.01 | |
glyphandcog | xpdfreader | 2.00 | |
glyphandcog | xpdfreader | 2.01 | |
glyphandcog | xpdfreader | 2.02 | |
glyphandcog | xpdfreader | 2.03 | |
glyphandcog | xpdfreader | 3.00 | |
glyphandcog | xpdfreader | 3.01 | |
poppler | poppler | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A63FAB9-7E4D-4D2D-808B-F96F2015BF63", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to \"g*allocn.\"" }, { "lang": "es", "value": "Desbordamiento de entero en el decodificador JBIG2 en Xpdf v3.02p12 y anteriores, como se utiliza en Poppler y otros productos, cuando corre en Mac OS X, tiene un impacto desconocido, relacionado con \"g*allocn.\"" } ], "id": "CVE-2009-0165", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-23T19:30:00.500", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/34852" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/34959" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/34991" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/35037" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/35065" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/35074" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/35685" }, { "source": "cve@mitre.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3549" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3639" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3549" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3639" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50377" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-11-05 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "8E25003C-04CE-401F-B012-F2E13DC8E8C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "189FE6D1-C001-4D43-BFD2-B8421C6FAB06", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "CAF3866C-09D2-4564-A7AE-2C49A5E8480C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "A43C280F-A571-4EF9-B301-244B05750933", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "D37AC0D5-6811-4FE2-83BB-FEF44B228645", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2B24274-2F2F-4F3A-8978-390BF69EF0AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "14959178-17D0-4794-867F-AB62501EEF24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*", "matchCriteriaId": "C1129356-C0B0-4130-A1EF-888B02783317", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*", "matchCriteriaId": "2CD0FA23-F797-4FB5-85AD-29AED926E02D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "77B06D79-50AD-49D0-B372-25CA226EEA80", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "A34735C6-2738-4CCC-9322-8F7584AB616D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "339A5BC3-7AED-4912-B6D3-BBD5FBF4AA02", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*", "matchCriteriaId": "325750AA-5E10-457E-88E8-439DFB81FE1E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*", "matchCriteriaId": "235861C5-B126-4A27-A51F-94568DBA5FBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "0EE3D5F0-DA69-453A-9729-03FD1151D94E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*", "matchCriteriaId": "83E52568-A112-4533-9CFA-55D35F40AA9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "38A9C7A2-DAC5-4334-9A88-CF9085A34186", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A0E0FC3-B53F-462D-8562-D2464BB111E2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption." }, { "lang": "es", "value": "La funci\u00f3n FoFiType1::parse en fofi/FoFiType1.cc del parseador de PDF de xpdf antes de v3.02pl5, poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, kdegraphics, y posiblemente otros productos, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario mediante un archivo PDF con una fuente Type1 modificada que contiene un \u00edndice de matriz negativo, el cual se salta la validaci\u00f3n de entrada y que provoca una corrupci\u00f3n de memoria." } ], "id": "CVE-2010-3704", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-11-05T18:00:25.983", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42141" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42357" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42397" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42691" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/43079" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2119" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2135" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144" }, { "source": "secalert@redhat.com", "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/43841" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/2897" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2011/0230" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42141" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42357" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42397" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42691" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43079" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2135" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/43841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2897" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C", "versionEndIncluding": "0.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489", "versionEndIncluding": "1.3.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*", "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple \"input validation flaws\" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file." }, { "lang": "es", "value": "M\u00faltiples \"Input validation flaws\" en el decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado" } ], "id": "CVE-2009-0800", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-23T17:30:01.717", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/35685" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1022073" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://poppler.freedesktop.org/releases.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34481" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/34991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\"" } ], "id": "CVE-2005-3625", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information." }, { "lang": "es", "value": "la funci\u00f3n create_surface_from_thumbnail_data en glib/poppler-page.cc en Poppler v0.x, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap). NOTA: algunos de los detalles han sido obtenidos a partir de informaci\u00f3n de terceros." } ], "id": "CVE-2009-3607", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-10-21T17:30:00.377", "references": [ { "source": "secalert@redhat.com", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37054" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37114" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37159" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/36718" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37114" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37159" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/36718" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Not vulnerable. This issue did not affect the version of poppler as shipped with Red Hat Enterprise Linux 5.", "lastModified": "2009-10-23T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-21 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "matchCriteriaId": "C16CA37E-F28E-47E6-B77B-4CB0A859F831", "versionEndIncluding": "0.12.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:glyph_and_cog:pdftops:*:*:*:*:*:*:*:*", "matchCriteriaId": "1833267E-3B18-4CF8-B996-6226D5439F5F", "vulnerable": false }, { "criteria": "cpe:2.3:a:gnome:gpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4A9A98B-5E37-4938-9506-927E0C8FACB8", "vulnerable": false }, { "criteria": "cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "41EF2714-DEC9-407F-9D1B-EF2A4D8B4DC3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read." }, { "lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n ImageStream::ImageStream en Stream.cc en Xpdf v3.02pl4 y Poppler v0.12.1, usado en GPdf, kdegraphics KPDF, y CUPS pdftops, permite a atacantes remotsos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un documento PDF manipulado que provoca un deferencia a puntero nulo o un desbordamiento de b\u00fafer fuera del l\u00edmite (over-read)." } ], "id": "CVE-2009-3609", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-10-21T17:30:00.453", "references": [ { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37023" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37028" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37034" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37043" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37051" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37054" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37061" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37077" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37079" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37114" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/37159" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39327" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39938" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1023029" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/36703" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2926" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53800" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://poppler.freedesktop.org/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37034" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37079" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37114" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/37159" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39327" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023029" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/36703" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53800" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2009-0165 (GCVE-0-2009-0165)
Vulnerability from cvelistv5
Published
2009-04-23 19:11
Modified
2024-08-07 04:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T04:24:17.994Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3639" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1621", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3549" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028" }, { "name": "35074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35074" }, { "name": "APPLE-SA-2009-06-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "name": "APPLE-SA-2009-05-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35065" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "TA09-133A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1297", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "multiple-jbig2-unspecified(50377)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50377" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34959" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to \"g*allocn.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3639" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1621", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3549" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028" }, { "name": "35074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35074" }, { "name": "APPLE-SA-2009-06-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "name": "APPLE-SA-2009-05-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35065" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "TA09-133A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1297", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "multiple-jbig2-unspecified(50377)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50377" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34959" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0165", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to \"g*allocn.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-1793", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "http://support.apple.com/kb/HT3639", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3639" }, { "name": "DSA-1790", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1621", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "name": "http://support.apple.com/kb/HT3549", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3549" }, { "name": "SSA:2009-129-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "http://bugs.gentoo.org/show_bug.cgi?id=263028", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028" }, { "name": "35074", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35074" }, { "name": "APPLE-SA-2009-06-17-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "name": "APPLE-SA-2009-05-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "35065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35065" }, { "name": "34568", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34568" }, { "name": "SUSE-SA:2009:024", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "34991", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "SUSE-SR:2009:010", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "TA09-133A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "35685", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1297", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "multiple-jbig2-unspecified(50377)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50377" }, { "name": "34852", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "34959", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34959" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0165", "datePublished": "2009-04-23T19:11:00", "dateReserved": "2009-01-16T00:00:00", "dateUpdated": "2024-08-07T04:24:17.994Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-0166 (GCVE-0-2009-0166)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T04:24:18.237Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "GLSA-200904-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200904-20.xml" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "20090417 rPSA-2009-0061-1 cups", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34991" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34959" }, { "name": "oval:org.mitre.oval:def:9778", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022073" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "GLSA-200904-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200904-20.xml" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "20090417 rPSA-2009-0061-1 cups", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34991" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34959" }, { "name": "oval:org.mitre.oval:def:9778", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022073" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0166", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-1793", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "GLSA-200904-20", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200904-20.xml" }, { "name": "34963", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "RHSA-2009:0431", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0061", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061" }, { "name": "RHSA-2009:0430", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "name": "34568", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34568" }, { "name": "20090417 rPSA-2009-0061-1 cups", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded" }, { "name": "ADV-2010-1040", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34991" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=490625", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625" }, { "name": "MDVSA-2009:101", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35685" }, { "name": "34756", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34959" }, { "name": "oval:org.mitre.oval:def:9778", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778" }, { "name": "RHSA-2009:0429", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022073" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0166", "datePublished": "2009-04-23T17:00:00", "dateReserved": "2009-01-16T00:00:00", "dateUpdated": "2024-08-07T04:24:18.237Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-2820 (GCVE-0-2017-2820)
Vulnerability from cvelistv5
Published
2017-07-12 17:00
Modified
2024-09-16 17:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- heap overflow
Summary
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:02:07.712Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "99497", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99497" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Poppler", "vendor": "Poppler", "versions": [ { "status": "affected", "version": "0.53" } ] } ], "datePublic": "2017-07-11T00:00:00", "descriptions": [ { "lang": "en", "value": "An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "heap overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T18:22:50", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos" }, "references": [ { "name": "99497", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99497" }, { "tags": [ "x_refsource_MISC" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "talos-cna@cisco.com", "DATE_PUBLIC": "2017-07-11T00:00:00", "ID": "CVE-2017-2820", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Poppler", "version": { "version_data": [ { "version_value": "0.53" } ] } } ] }, "vendor_name": "Poppler" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library." } ] }, "impact": { "cvss": { "baseScore": 8.8, "baseSeverity": "High", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "heap overflow" } ] } ] }, "references": { "reference_data": [ { "name": "99497", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99497" }, { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321", "refsource": "MISC", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321" } ] } } } }, "cveMetadata": { "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2017-2820", "datePublished": "2017-07-12T17:00:00Z", "dateReserved": "2016-12-01T00:00:00", "dateUpdated": "2024-09-16T17:57:59.150Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2008-2950 (GCVE-0-2008-2950)
Vulnerability from cvelistv5
Published
2008-07-07 23:00
Modified
2024-08-07 09:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T09:21:34.456Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223" }, { "name": "20080709 rPSA-2008-0223-1 poppler", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded" }, { "name": "6032", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/6032" }, { "name": "30963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30963" }, { "name": "SUSE-SR:2008:015", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html" }, { "name": "ADV-2008-2024", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2024/references" }, { "name": "31002", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31002" }, { "name": "30107", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/30107" }, { "name": "GLSA-200807-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.ocert.org/advisories/ocert-2008-007.html" }, { "name": "31267", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31267" }, { "name": "USN-631-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-631-1" }, { "name": "31405", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31405" }, { "name": "FEDORA-2008-7104", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html" }, { "name": "poppler-page-destructor-code-execution(43619)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619" }, { "name": "MDVSA-2008:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146" }, { "name": "3977", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/3977" }, { "name": "1020435", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1020435" }, { "name": "20080707 [oCERT-2008-007] libpoppler uninitialized pointer", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded" }, { "name": "31167", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31167" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-07-07T00:00:00", "descriptions": [ { "lang": "en", "value": "The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223" }, { "name": "20080709 rPSA-2008-0223-1 poppler", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded" }, { "name": "6032", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/6032" }, { "name": "30963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30963" }, { "name": "SUSE-SR:2008:015", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html" }, { "name": "ADV-2008-2024", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2024/references" }, { "name": "31002", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31002" }, { "name": "30107", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/30107" }, { "name": "GLSA-200807-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.ocert.org/advisories/ocert-2008-007.html" }, { "name": "31267", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31267" }, { "name": "USN-631-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-631-1" }, { "name": "31405", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31405" }, { "name": "FEDORA-2008-7104", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html" }, { "name": "poppler-page-destructor-code-execution(43619)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619" }, { "name": "MDVSA-2008:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146" }, { "name": "3977", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/3977" }, { "name": "1020435", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1020435" }, { "name": "20080707 [oCERT-2008-007] libpoppler uninitialized pointer", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded" }, { "name": "31167", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31167" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2950", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0223", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223" }, { "name": "20080709 rPSA-2008-0223-1 poppler", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded" }, { "name": "6032", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/6032" }, { "name": "30963", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30963" }, { "name": "SUSE-SR:2008:015", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html" }, { "name": "ADV-2008-2024", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2024/references" }, { "name": "31002", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31002" }, { "name": "30107", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30107" }, { "name": "GLSA-200807-04", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml" }, { "name": "http://www.ocert.org/advisories/ocert-2008-007.html", "refsource": "MISC", "url": "http://www.ocert.org/advisories/ocert-2008-007.html" }, { "name": "31267", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31267" }, { "name": "USN-631-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-631-1" }, { "name": "31405", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31405" }, { "name": "FEDORA-2008-7104", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html" }, { "name": "poppler-page-destructor-code-execution(43619)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619" }, { "name": "MDVSA-2008:146", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146" }, { "name": "3977", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3977" }, { "name": "1020435", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020435" }, { "name": "20080707 [oCERT-2008-007] libpoppler uninitialized pointer", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded" }, { "name": "31167", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31167" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2950", "datePublished": "2008-07-07T23:00:00", "dateReserved": "2008-06-30T00:00:00", "dateUpdated": "2024-08-07T09:21:34.456Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-2814 (GCVE-0-2017-2814)
Vulnerability from cvelistv5
Published
2017-07-12 17:00
Modified
2024-09-16 19:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- heap overflow
Summary
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:02:07.754Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "99497", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99497" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0311" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Poppler", "vendor": "Poppler", "versions": [ { "status": "affected", "version": "0.53.0" } ] } ], "datePublic": "2017-07-11T00:00:00", "descriptions": [ { "lang": "en", "value": "An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "heap overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T18:22:42", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos" }, "references": [ { "name": "99497", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99497" }, { "tags": [ "x_refsource_MISC" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0311" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "talos-cna@cisco.com", "DATE_PUBLIC": "2017-07-11T00:00:00", "ID": "CVE-2017-2814", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Poppler", "version": { "version_data": [ { "version_value": "0.53.0" } ] } } ] }, "vendor_name": "Poppler" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability." } ] }, "impact": { "cvss": { "baseScore": 7.5, "baseSeverity": "High", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "heap overflow" } ] } ] }, "references": { "reference_data": [ { "name": "99497", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99497" }, { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0311", "refsource": "MISC", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0311" } ] } } } }, "cveMetadata": { "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2017-2814", "datePublished": "2017-07-12T17:00:00Z", "dateReserved": "2016-12-01T00:00:00", "dateUpdated": "2024-09-16T19:15:46.393Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3625 (GCVE-0-2005-3625)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.366Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "oval:org.mitre.oval:def:9575", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "oval:org.mitre.oval:def:9575", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3625", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.366Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-1180 (GCVE-0-2009-1180)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T05:04:49.251Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34481" }, { "name": "oval:org.mitre.oval:def:9926", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34959" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022073" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34481" }, { "name": "oval:org.mitre.oval:def:9926", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34959" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022073" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-1180", "datePublished": "2009-04-23T17:00:00", "dateReserved": "2009-03-31T00:00:00", "dateUpdated": "2024-08-07T05:04:49.251Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-1181 (GCVE-0-2009-1181)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T05:04:49.236Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "1022072", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022072" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "oval:org.mitre.oval:def:9683", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34959" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "1022072", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022072" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "oval:org.mitre.oval:def:9683", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34959" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-1181", "datePublished": "2009-04-23T17:00:00", "dateReserved": "2009-03-31T00:00:00", "dateUpdated": "2024-08-07T05:04:49.236Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-4654 (GCVE-0-2010-4654)
Vulnerability from cvelistv5
Published
2019-11-13 19:41
Modified
2024-08-07 03:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Other
Summary
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:51:18.054Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2010-4654" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4654" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://access.redhat.com/security/cve/cve-2010-4654" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "poppler", "vendor": "poppler", "versions": [ { "status": "affected", "version": "before 0.16.3" } ] } ], "descriptions": [ { "lang": "en", "value": "poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack." } ], "problemTypes": [ { "descriptions": [ { "description": "Other", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-13T19:41:43", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://security-tracker.debian.org/tracker/CVE-2010-4654" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4654" }, { "tags": [ "x_refsource_MISC" ], "url": "https://access.redhat.com/security/cve/cve-2010-4654" }, { "tags": [ "x_refsource_MISC" ], "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-4654", "datePublished": "2019-11-13T19:41:43", "dateReserved": "2011-01-03T00:00:00", "dateUpdated": "2024-08-07T03:51:18.054Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-3604 (GCVE-0-2009-3604)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:31:10.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39938" }, { "name": "37042", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37042" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "name": "MDVSA-2009:287", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "name": "37028", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37028" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://site.pi3.com.pl/adv/xpdf.txt" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "name": "RHSA-2009:1501", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "name": "37079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37079" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "name": "xpdf-splashdrawimage-bo(53795)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37159" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "RHSA-2009:1512", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37114" }, { "name": "37077", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37077" }, { "name": "1023029", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1023029" }, { "name": "RHSA-2009:1503", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996\u0026id2=75c3466ba2" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "oval:org.mitre.oval:def:10969", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969" }, { "name": "37037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37037" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "USN-850-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "RHSA-2009:1502", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2" }, { "name": "RHSA-2009:1500", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "name": "ADV-2009-2928", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911" }, { "name": "37023", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37023" }, { "name": "ADV-2009-2924", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "37053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37053" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39327" }, { "name": "37043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37043" }, { "name": "36703", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/36703" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-10-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39938" }, { "name": "37042", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37042" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "name": "MDVSA-2009:287", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "name": "37028", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37028" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://site.pi3.com.pl/adv/xpdf.txt" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "name": "RHSA-2009:1501", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "name": "37079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37079" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "name": "xpdf-splashdrawimage-bo(53795)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37159" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "RHSA-2009:1512", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37114" }, { "name": "37077", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37077" }, { "name": "1023029", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023029" }, { "name": "RHSA-2009:1503", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996\u0026id2=75c3466ba2" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "oval:org.mitre.oval:def:10969", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969" }, { "name": "37037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37037" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "USN-850-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "RHSA-2009:1502", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2" }, { "name": "RHSA-2009:1500", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "name": "ADV-2009-2928", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911" }, { "name": "37023", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37023" }, { "name": "ADV-2009-2924", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "37053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37053" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39327" }, { "name": "37043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37043" }, { "name": "36703", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/36703" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-3604", "datePublished": "2009-10-21T17:00:00", "dateReserved": "2009-10-09T00:00:00", "dateUpdated": "2024-08-07T06:31:10.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-3938 (GCVE-0-2009-3938)
Vulnerability from cvelistv5
Published
2009-11-13 16:00
Modified
2024-08-07 06:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:45:50.643Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1941", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "36976", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/36976" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680" }, { "name": "poppler-abwoutputdev-bo(54215)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215" }, { "name": "37333", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37333" }, { "name": "ADV-2009-3227", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3227" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-06-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-1941", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "36976", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/36976" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680" }, { "name": "poppler-abwoutputdev-bo(54215)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215" }, { "name": "37333", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37333" }, { "name": "ADV-2009-3227", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3227" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-3938", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-1941", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "name": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit", "refsource": "MISC", "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599\u0026action=edit" }, { "name": "MDVSA-2011:175", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "36976", "refsource": "BID", "url": "http://www.securityfocus.com/bid/36976" }, { "name": "http://bugs.freedesktop.org/show_bug.cgi?id=23074", "refsource": "CONFIRM", "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074" }, { "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680" }, { "name": "poppler-abwoutputdev-bo(54215)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215" }, { "name": "37333", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37333" }, { "name": "ADV-2009-3227", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3227" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-3938", "datePublished": "2009-11-13T16:00:00", "dateReserved": "2009-11-13T00:00:00", "dateUpdated": "2024-08-07T06:45:50.643Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-0756 (GCVE-0-2009-0756)
Vulnerability from cvelistv5
Published
2009-03-03 16:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.
References
► | URL | Tags | ||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T04:48:51.602Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "33749", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/33749" }, { "name": "33853", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/33853" }, { "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "20090417 rPSA-2009-0059-1 poppler", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "name": "[poppler] 20090123 poppler/JBIG2Stream.cc", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-01-23T00:00:00", "descriptions": [ { "lang": "en", "value": "The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "33749", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/33749" }, { "name": "33853", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/33853" }, { "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "20090417 rPSA-2009-0059-1 poppler", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "name": "[poppler] 20090123 poppler/JBIG2Stream.cc", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0756", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "33749", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33749" }, { "name": "33853", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33853" }, { "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0059", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "name": "35685", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35685" }, { "name": "20090417 rPSA-2009-0059-1 poppler", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "name": "[poppler] 20090123 poppler/JBIG2Stream.cc", "refsource": "MLIST", "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html" }, { "name": "SUSE-SR:2009:012", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "http://bugs.freedesktop.org/show_bug.cgi?id=19702", "refsource": "CONFIRM", "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0756", "datePublished": "2009-03-03T16:00:00", "dateReserved": "2009-03-03T00:00:00", "dateUpdated": "2024-08-07T04:48:51.602Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-3605 (GCVE-0-2009-3605)
Vulnerability from cvelistv5
Published
2009-11-02 15:00
Modified
2024-08-07 06:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:31:10.587Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37114" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "oval:org.mitre.oval:def:7731", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/bugs/cve/2009-3605" }, { "name": "MDVSA-2009:334", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-10-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37114" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "oval:org.mitre.oval:def:7731", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/bugs/cve/2009-3605" }, { "name": "MDVSA-2009:334", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-3605", "datePublished": "2009-11-02T15:00:00", "dateReserved": "2009-10-09T00:00:00", "dateUpdated": "2024-08-07T06:31:10.587Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-0799 (GCVE-0-2009-0799)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T04:48:52.381Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:10204", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204" }, { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "1022072", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022072" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34991" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34959" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "oval:org.mitre.oval:def:10204", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204" }, { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "1022072", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022072" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34991" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34959" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-0799", "datePublished": "2009-04-23T17:00:00", "dateReserved": "2009-03-04T00:00:00", "dateUpdated": "2024-08-07T04:48:52.381Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-3603 (GCVE-0-2009-3603)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:31:10.565Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39938" }, { "name": "RHSA-2009:1504", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "name": "MDVSA-2009:287", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37159" }, { "name": "37054", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37054" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37114" }, { "name": "1023029", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1023029" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "USN-850-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "name": "xpdf-splashbitmap-bo(53793)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793" }, { "name": "37034", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37034" }, { "name": "ADV-2009-2924", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "37053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37053" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39327" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915" }, { "name": "oval:org.mitre.oval:def:9671", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671" }, { "name": "36703", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/36703" }, { "name": "ADV-2009-2925", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2925" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-10-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39938" }, { "name": "RHSA-2009:1504", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "name": "MDVSA-2009:287", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37159" }, { "name": "37054", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37054" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37114" }, { "name": "1023029", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023029" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "USN-850-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "name": "xpdf-splashbitmap-bo(53793)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793" }, { "name": "37034", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37034" }, { "name": "ADV-2009-2924", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "37053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37053" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39327" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915" }, { "name": "oval:org.mitre.oval:def:9671", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671" }, { "name": "36703", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/36703" }, { "name": "ADV-2009-2925", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2925" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-3603", "datePublished": "2009-10-21T17:00:00", "dateReserved": "2009-10-09T00:00:00", "dateUpdated": "2024-08-07T06:31:10.565Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3626 (GCVE-0-2005-3626)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.446Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "oval:org.mitre.oval:def:9992", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "xpdf-flatedecode-dos(24026)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "oval:org.mitre.oval:def:9992", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "xpdf-flatedecode-dos(24026)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3626", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.446Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-0207 (GCVE-0-2010-0207)
Vulnerability from cvelistv5
Published
2019-10-30 20:46
Modified
2024-08-07 00:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Other
Summary
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T00:37:54.327Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2010-0207" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "poppler", "vendor": "poppler", "versions": [ { "status": "affected", "version": "0.26.5-2" } ] } ], "datePublic": "2010-04-19T00:00:00", "descriptions": [ { "lang": "en", "value": "In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers." } ], "problemTypes": [ { "descriptions": [ { "description": "Other", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-30T20:46:53", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://security-tracker.debian.org/tracker/CVE-2010-0207" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2010-0207", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "poppler", "version": { "version_data": [ { "version_value": "0.26.5-2" } ] } } ] }, "vendor_name": "poppler" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Other" } ] } ] }, "references": { "reference_data": [ { "name": "https://security-tracker.debian.org/tracker/CVE-2010-0207", "refsource": "MISC", "url": "https://security-tracker.debian.org/tracker/CVE-2010-0207" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207" } ] } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2010-0207", "datePublished": "2019-10-30T20:46:53", "dateReserved": "2010-01-06T00:00:00", "dateUpdated": "2024-08-07T00:37:54.327Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-3606 (GCVE-0-2009-3606)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:31:11.027Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39938" }, { "name": "37042", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37042" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "name": "DSA-1941", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "name": "MDVSA-2009:287", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61" }, { "name": "RHSA-2009:1501", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "oval:org.mitre.oval:def:11289", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289" }, { "name": "[oss-security] 20091130 Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37159" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "oval:org.mitre.oval:def:7836", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836" }, { "name": "37077", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37077" }, { "name": "1023029", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1023029" }, { "name": "xpdf-psoutputdev-bo(53798)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "37037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37037" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "RHSA-2009:1502", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "name": "RHSA-2009:1500", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "name": "ADV-2009-2928", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "name": "37023", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37023" }, { "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "name": "ADV-2009-2924", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "37053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37053" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39327" }, { "name": "37043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37043" }, { "name": "36703", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/36703" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-10-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39938" }, { "name": "37042", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37042" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "name": "DSA-1941", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "name": "MDVSA-2009:287", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61" }, { "name": "RHSA-2009:1501", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "oval:org.mitre.oval:def:11289", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289" }, { "name": "[oss-security] 20091130 Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37159" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "oval:org.mitre.oval:def:7836", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836" }, { "name": "37077", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37077" }, { "name": "1023029", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023029" }, { "name": "xpdf-psoutputdev-bo(53798)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "37037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37037" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "RHSA-2009:1502", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "name": "RHSA-2009:1500", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "name": "ADV-2009-2928", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "name": "37023", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37023" }, { "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "name": "ADV-2009-2924", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "37053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37053" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39327" }, { "name": "37043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37043" }, { "name": "36703", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/36703" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-3606", "datePublished": "2009-10-21T17:00:00", "dateReserved": "2009-10-09T00:00:00", "dateUpdated": "2024-08-07T06:31:11.027Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-3607 (GCVE-0-2009-3607)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:31:10.561Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1941", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "name": "36718", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/36718" }, { "name": "[oss-security] 20091130 Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "name": "poppler-createsurfacefromthumbnaildata-bo(53801)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37159" }, { "name": "37054", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37054" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37114" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "USN-850-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706" }, { "name": "ADV-2009-2925", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2925" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-10-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1941", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "name": "36718", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/36718" }, { "name": "[oss-security] 20091130 Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "name": "poppler-createsurfacefromthumbnaildata-bo(53801)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37159" }, { "name": "37054", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37054" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37114" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "USN-850-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706" }, { "name": "ADV-2009-2925", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2925" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-3607", "datePublished": "2009-10-21T17:00:00", "dateReserved": "2009-10-09T00:00:00", "dateUpdated": "2024-08-07T06:31:10.561Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-1182 (GCVE-0-2009-1182)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T05:04:49.234Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34963" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35618" }, { "name": "oval:org.mitre.oval:def:10735", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34959" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022073" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34963" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35618" }, { "name": "oval:org.mitre.oval:def:10735", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34959" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022073" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-1182", "datePublished": "2009-04-23T17:00:00", "dateReserved": "2009-03-31T00:00:00", "dateUpdated": "2024-08-07T05:04:49.234Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2008-1693 (GCVE-0-2008-1693)
Vulnerability from cvelistv5
Published
2008-04-18 15:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T08:32:01.237Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "29869", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29869" }, { "name": "SUSE-SR:2008:011", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html" }, { "name": "MDVSA-2008:173", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:173" }, { "name": "oval:org.mitre.oval:def:11226", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226" }, { "name": "ADV-2008-1265", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1265/references" }, { "name": "MDVSA-2008:089", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:089" }, { "name": "29884", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29884" }, { "name": "30019", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30019" }, { "name": "29885", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29885" }, { "name": "1019893", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1019893" }, { "name": "28830", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/28830" }, { "name": "29853", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29853" }, { "name": "29851", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29851" }, { "name": "29816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29816" }, { "name": "MDVSA-2008:197", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:197" }, { "name": "RHSA-2008:0239", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0239.html" }, { "name": "DSA-1548", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1548" }, { "name": "DSA-1606", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1606" }, { "name": "RHSA-2008:0240", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0240.html" }, { "name": "GLSA-200804-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200804-18.xml" }, { "name": "29868", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29868" }, { "name": "ADV-2008-1266", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1266/references" }, { "name": "RHSA-2008:0262", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0262.html" }, { "name": "31035", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31035" }, { "name": "xpdf-pdf-code-execution(41884)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41884" }, { "name": "30033", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30033" }, { "name": "29836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29836" }, { "name": "29834", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29834" }, { "name": "RHSA-2008:0238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0238.html" }, { "name": "FEDORA-2008-3312", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html" }, { "name": "USN-603-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-603-2" }, { "name": "USN-603-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-603-1" }, { "name": "SUSE-SR:2008:013", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html" }, { "name": "30717", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30717" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-04-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical" }, "references": [ { "name": "29869", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29869" }, { "name": "SUSE-SR:2008:011", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html" }, { "name": "MDVSA-2008:173", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:173" }, { "name": "oval:org.mitre.oval:def:11226", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226" }, { "name": "ADV-2008-1265", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1265/references" }, { "name": "MDVSA-2008:089", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:089" }, { "name": "29884", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29884" }, { "name": "30019", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30019" }, { "name": "29885", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29885" }, { "name": "1019893", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1019893" }, { "name": "28830", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/28830" }, { "name": "29853", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29853" }, { "name": "29851", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29851" }, { "name": "29816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29816" }, { "name": "MDVSA-2008:197", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:197" }, { "name": "RHSA-2008:0239", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0239.html" }, { "name": "DSA-1548", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1548" }, { "name": "DSA-1606", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1606" }, { "name": "RHSA-2008:0240", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0240.html" }, { "name": "GLSA-200804-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200804-18.xml" }, { "name": "29868", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29868" }, { "name": "ADV-2008-1266", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1266/references" }, { "name": "RHSA-2008:0262", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0262.html" }, { "name": "31035", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31035" }, { "name": "xpdf-pdf-code-execution(41884)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41884" }, { "name": "30033", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30033" }, { "name": "29836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29836" }, { "name": "29834", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29834" }, { "name": "RHSA-2008:0238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0238.html" }, { "name": "FEDORA-2008-3312", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html" }, { "name": "USN-603-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-603-2" }, { "name": "USN-603-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-603-1" }, { "name": "SUSE-SR:2008:013", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html" }, { "name": "30717", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30717" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@ubuntu.com", "ID": "CVE-2008-1693", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "29869", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29869" }, { "name": "SUSE-SR:2008:011", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html" }, { "name": "MDVSA-2008:173", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:173" }, { "name": "oval:org.mitre.oval:def:11226", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11226" }, { "name": "ADV-2008-1265", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1265/references" }, { "name": "MDVSA-2008:089", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:089" }, { "name": "29884", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29884" }, { "name": "30019", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30019" }, { "name": "29885", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29885" }, { "name": "1019893", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1019893" }, { "name": "28830", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28830" }, { "name": "29853", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29853" }, { "name": "29851", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29851" }, { "name": "29816", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29816" }, { "name": "MDVSA-2008:197", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:197" }, { "name": "RHSA-2008:0239", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0239.html" }, { "name": "DSA-1548", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1548" }, { "name": "DSA-1606", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1606" }, { "name": "RHSA-2008:0240", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0240.html" }, { "name": "GLSA-200804-18", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200804-18.xml" }, { "name": "29868", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29868" }, { "name": "ADV-2008-1266", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1266/references" }, { "name": "RHSA-2008:0262", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0262.html" }, { "name": "31035", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31035" }, { "name": "xpdf-pdf-code-execution(41884)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41884" }, { "name": "30033", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30033" }, { "name": "29836", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29836" }, { "name": "29834", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29834" }, { "name": "RHSA-2008:0238", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0238.html" }, { "name": "FEDORA-2008-3312", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00522.html" }, { "name": "USN-603-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-603-2" }, { "name": "USN-603-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-603-1" }, { "name": "SUSE-SR:2008:013", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html" }, { "name": "30717", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30717" } ] } } } }, "cveMetadata": { "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2008-1693", "datePublished": "2008-04-18T15:00:00", "dateReserved": "2008-04-08T00:00:00", "dateUpdated": "2024-08-07T08:32:01.237Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-52886 (GCVE-0-2025-52886)
Vulnerability from cvelistv5
Published
2025-07-02 15:46
Modified
2025-07-02 15:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-52886", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-07-02T15:59:12.705717Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-07-02T15:59:16.924Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "poppler", "vendor": "poppler", "versions": [ { "status": "affected", "version": "\u003c 25.06.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue." } ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 5.5, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-02T15:46:49.733Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://securitylab.github.com/advisories/GHSL-2025-054_poppler/", "tags": [ "x_refsource_CONFIRM" ], "url": "https://securitylab.github.com/advisories/GHSL-2025-054_poppler/" }, { "name": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/04bd91684ed41d67ae0f10cde0660e4ed74ac203", "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/04bd91684ed41d67ae0f10cde0660e4ed74ac203" }, { "name": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8d6547a3464ff46e5", "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8d6547a3464ff46e5" }, { "name": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581", "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581" }, { "name": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1828", "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1828" } ], "source": { "advisory": "GHSA-922r-mhj4-78rc", "discovery": "UNKNOWN" }, "title": "Poppler Use After Free Vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-52886", "datePublished": "2025-07-02T15:46:49.733Z", "dateReserved": "2025-06-20T17:42:25.708Z", "dateUpdated": "2025-07-02T15:59:16.924Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-3609 (GCVE-0-2009-3609)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:31:10.540Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39938" }, { "name": "RHSA-2009:1504", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "name": "MDVSA-2009:287", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "name": "37028", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37028" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/" }, { "name": "RHSA-2009:1501", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "name": "37079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37079" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "name": "oval:org.mitre.oval:def:8134", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37159" }, { "name": "37054", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37054" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "RHSA-2009:1512", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37114" }, { "name": "37077", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37077" }, { "name": "oval:org.mitre.oval:def:11043", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043" }, { "name": "1023029", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1023029" }, { "name": "RHSA-2009:1503", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "name": "ADV-2009-2926", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2926" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893" }, { "name": "xpdf-imagestream-dos(53800)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53800" }, { "name": "37037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37037" }, { "name": "USN-850-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "RHSA-2009:1502", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "name": "RHSA-2009:1500", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "name": "ADV-2009-2928", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "name": "RHSA-2009:1513", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html" }, { "name": "37034", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37034" }, { "name": "37023", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37023" }, { "name": "ADV-2009-2924", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "name": "37051", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37051" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "37061", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37061" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39327" }, { "name": "37043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37043" }, { "name": "36703", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/36703" }, { "name": "ADV-2009-2925", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "name": "RHSA-2010:0755", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html" }, { "name": "MDVSA-2009:334", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-10-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39938" }, { "name": "RHSA-2009:1504", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "name": "MDVSA-2009:287", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "name": "37028", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37028" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/" }, { "name": "RHSA-2009:1501", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "name": "37079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37079" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "name": "oval:org.mitre.oval:def:8134", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37159" }, { "name": "37054", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37054" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "RHSA-2009:1512", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37114" }, { "name": "37077", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37077" }, { "name": "oval:org.mitre.oval:def:11043", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043" }, { "name": "1023029", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023029" }, { "name": "RHSA-2009:1503", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "name": "ADV-2009-2926", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2926" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893" }, { "name": "xpdf-imagestream-dos(53800)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53800" }, { "name": "37037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37037" }, { "name": "USN-850-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "RHSA-2009:1502", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "name": "RHSA-2009:1500", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "name": "ADV-2009-2928", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "name": "RHSA-2009:1513", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html" }, { "name": "37034", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37034" }, { "name": "37023", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37023" }, { "name": "ADV-2009-2924", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "name": "37051", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37051" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "37061", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37061" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39327" }, { "name": "37043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37043" }, { "name": "36703", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/36703" }, { "name": "ADV-2009-2925", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "name": "RHSA-2010:0755", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html" }, { "name": "MDVSA-2009:334", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-3609", "datePublished": "2009-10-21T17:00:00", "dateReserved": "2009-10-09T00:00:00", "dateUpdated": "2024-08-07T06:31:10.540Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-7511 (GCVE-0-2017-7511)
Vulnerability from cvelistv5
Published
2017-05-30 18:00
Modified
2024-08-05 16:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:04:11.847Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201801-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201801-17" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "poppler", "vendor": "Poppler", "versions": [ { "status": "affected", "version": "since 0.17.3" } ] } ], "datePublic": "2017-05-26T00:00:00", "descriptions": [ { "lang": "en", "value": "poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-18T10:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "GLSA-201801-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201801-17" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2017-7511", "datePublished": "2017-05-30T18:00:00", "dateReserved": "2017-04-05T00:00:00", "dateUpdated": "2024-08-05T16:04:11.847Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3624 (GCVE-0-2005-3624)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.457Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "xpdf-ccitt-faxstream-bo(24022)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "oval:org.mitre.oval:def:9437", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "xpdf-ccitt-faxstream-bo(24022)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "oval:org.mitre.oval:def:9437", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3624", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.457Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-3703 (GCVE-0-2010-3703)
Vulnerability from cvelistv5
Published
2010-11-05 17:00
Modified
2024-08-07 03:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:18:52.924Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "name": "FEDORA-2010-15857", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "name": "RHSA-2010:0859", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "name": "42357", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42357" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356" }, { "name": "MDVSA-2010:231", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "name": "SSA:2010-324-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720" }, { "name": "FEDORA-2010-15911", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "name": "USN-1005-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "name": "FEDORA-2010-15981", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-10-01T00:00:00", "descriptions": [ { "lang": "en", "value": "The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-12-07T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "name": "FEDORA-2010-15857", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "name": "RHSA-2010:0859", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "name": "42357", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42357" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356" }, { "name": "MDVSA-2010:231", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "name": "SSA:2010-324-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720" }, { "name": "FEDORA-2010-15911", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "name": "USN-1005-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "name": "FEDORA-2010-15981", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-3703", "datePublished": "2010-11-05T17:00:00", "dateReserved": "2010-10-01T00:00:00", "dateUpdated": "2024-08-07T03:18:52.924Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-3704 (GCVE-0-2010-3704)
Vulnerability from cvelistv5
Published
2010-11-05 17:00
Modified
2024-08-07 03:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:18:53.042Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2010-16662", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html" }, { "name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "name": "FEDORA-2010-15857", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "name": "RHSA-2010:0859", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "name": "42357", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42357" }, { "name": "MDVSA-2010:228", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228" }, { "name": "ADV-2011-0230", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0230" }, { "name": "RHSA-2010:0752", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960" }, { "name": "MDVSA-2010:230", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230" }, { "name": "SUSE-SR:2010:022", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch" }, { "name": "RHSA-2012:1201", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html" }, { "name": "MDVSA-2010:231", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "name": "FEDORA-2010-16705", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html" }, { "name": "SSA:2010-324-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720" }, { "name": "RHSA-2010:0751", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html" }, { "name": "42397", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42397" }, { "name": "42141", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42141" }, { "name": "FEDORA-2010-15911", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "name": "MDVSA-2012:144", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144" }, { "name": "ADV-2010-3097", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "name": "USN-1005-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "name": "RHSA-2010:0749", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html" }, { "name": "FEDORA-2010-15981", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "name": "FEDORA-2010-16744", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html" }, { "name": "ADV-2010-2897", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2897" }, { "name": "42691", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42691" }, { "name": "DSA-2119", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2119" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "MDVSA-2010:229", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229" }, { "name": "43841", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/43841" }, { "name": "DSA-2135", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2135" }, { "name": "RHSA-2010:0753", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html" }, { "name": "43079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43079" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-09-21T00:00:00", "descriptions": [ { "lang": "en", "value": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-19T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "FEDORA-2010-16662", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html" }, { "name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "name": "FEDORA-2010-15857", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "name": "RHSA-2010:0859", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "name": "42357", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42357" }, { "name": "MDVSA-2010:228", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228" }, { "name": "ADV-2011-0230", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0230" }, { "name": "RHSA-2010:0752", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960" }, { "name": "MDVSA-2010:230", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230" }, { "name": "SUSE-SR:2010:022", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch" }, { "name": "RHSA-2012:1201", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html" }, { "name": "MDVSA-2010:231", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "name": "FEDORA-2010-16705", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html" }, { "name": "SSA:2010-324-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720" }, { "name": "RHSA-2010:0751", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html" }, { "name": "42397", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42397" }, { "name": "42141", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42141" }, { "name": "FEDORA-2010-15911", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "name": "MDVSA-2012:144", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144" }, { "name": "ADV-2010-3097", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "name": "USN-1005-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "name": "RHSA-2010:0749", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html" }, { "name": "FEDORA-2010-15981", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "name": "FEDORA-2010-16744", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html" }, { "name": "ADV-2010-2897", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2897" }, { "name": "42691", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42691" }, { "name": "DSA-2119", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2119" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "MDVSA-2010:229", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229" }, { "name": "43841", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/43841" }, { "name": "DSA-2135", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2135" }, { "name": "RHSA-2010:0753", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html" }, { "name": "43079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43079" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-3704", "datePublished": "2010-11-05T17:00:00", "dateReserved": "2010-10-01T00:00:00", "dateUpdated": "2024-08-07T03:18:53.042Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-2142 (GCVE-0-2012-2142)
Vulnerability from cvelistv5
Published
2020-01-09 20:42
Modified
2024-08-06 19:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Other
Summary
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T19:26:08.483Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2013/08/09/6" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2013/08/09/5" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "poppler", "vendor": "poppler", "versions": [ { "status": "affected", "version": "before 0.21.4" } ] } ], "datePublic": "2012-12-09T00:00:00", "descriptions": [ { "lang": "en", "value": "The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator." } ], "problemTypes": [ { "descriptions": [ { "description": "Other", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-01-09T20:42:47", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.openwall.com/lists/oss-security/2013/08/09/6" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.openwall.com/lists/oss-security/2013/08/09/5" }, { "tags": [ "x_refsource_MISC" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40" }, { "tags": [ "x_refsource_MISC" ], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936" }, { "tags": [ "x_refsource_MISC" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2142", "datePublished": "2020-01-09T20:42:47", "dateReserved": "2012-04-04T00:00:00", "dateUpdated": "2024-08-06T19:26:08.483Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-0755 (GCVE-0-2009-0755)
Vulnerability from cvelistv5
Published
2009-03-03 16:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T04:48:51.910Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "33749", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/33749" }, { "name": "DSA-1941", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "name": "[poppler] 20090128 poppler/Form.cc", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html" }, { "name": "33853", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/33853" }, { "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37114" }, { "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "20090417 rPSA-2009-0059-1 poppler", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-01-28T00:00:00", "descriptions": [ { "lang": "en", "value": "The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "33749", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/33749" }, { "name": "DSA-1941", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "name": "[poppler] 20090128 poppler/Form.cc", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html" }, { "name": "33853", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/33853" }, { "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37114" }, { "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "20090417 rPSA-2009-0059-1 poppler", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0755", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "33749", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33749" }, { "name": "DSA-1941", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1941" }, { "name": "[poppler] 20090128 poppler/Form.cc", "refsource": "MLIST", "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html" }, { "name": "33853", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33853" }, { "name": "[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "name": "37114", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37114" }, { "name": "[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0059", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "name": "http://bugs.freedesktop.org/show_bug.cgi?id=19790", "refsource": "CONFIRM", "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790" }, { "name": "35685", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35685" }, { "name": "USN-850-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "20090417 rPSA-2009-0059-1 poppler", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "name": "SUSE-SR:2009:012", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0755", "datePublished": "2009-03-03T16:00:00", "dateReserved": "2009-03-03T00:00:00", "dateUpdated": "2024-08-07T04:48:51.910Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-4653 (GCVE-0-2010-4653)
Vulnerability from cvelistv5
Published
2019-11-13 19:12
Modified
2024-08-07 03:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer Overflow
Summary
An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:51:17.954Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2010-4653" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://access.redhat.com/security/cve/cve-2010-4653" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.securityfocus.com/bid/45948" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "poppler", "vendor": "poppler", "versions": [ { "status": "affected", "version": "before 0.16.3" } ] } ], "descriptions": [ { "lang": "en", "value": "An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts." } ], "problemTypes": [ { "descriptions": [ { "description": "Integer Overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-13T19:12:53", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://security-tracker.debian.org/tracker/CVE-2010-4653" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653" }, { "tags": [ "x_refsource_MISC" ], "url": "https://access.redhat.com/security/cve/cve-2010-4653" }, { "tags": [ "x_refsource_MISC" ], "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.securityfocus.com/bid/45948" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-4653", "datePublished": "2019-11-13T19:12:53", "dateReserved": "2011-01-03T00:00:00", "dateUpdated": "2024-08-07T03:51:17.954Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-1188 (GCVE-0-2009-1188)
Vulnerability from cvelistv5
Published
2009-04-23 19:11
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T05:04:49.317Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39938" }, { "name": "oval:org.mitre.oval:def:9957", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957" }, { "name": "37028", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37028" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16" }, { "name": "RHSA-2009:1501", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "name": "37079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37079" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35064" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "RHSA-2009:1512", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35618" }, { "name": "37077", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37077" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "RHSA-2009:1503", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "37037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37037" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "RHSA-2009:1502", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "name": "poppler-jbig2-splashbitmap-code-execution(50185)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "name": "ADV-2009-2928", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "37053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37053" }, { "name": "20090417 rPSA-2009-0059-1 poppler", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39327" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "37043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37043" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34746" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39938" }, { "name": "oval:org.mitre.oval:def:9957", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957" }, { "name": "37028", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37028" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16" }, { "name": "RHSA-2009:1501", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "name": "37079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37079" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35064" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "RHSA-2009:1512", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35618" }, { "name": "37077", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37077" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "RHSA-2009:1503", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "37037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37037" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "RHSA-2009:1502", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "name": "poppler-jbig2-splashbitmap-code-execution(50185)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50185" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "name": "ADV-2009-2928", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "37053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37053" }, { "name": "20090417 rPSA-2009-0059-1 poppler", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39327" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "37043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37043" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34746" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-1188", "datePublished": "2009-04-23T19:11:00", "dateReserved": "2009-03-31T00:00:00", "dateUpdated": "2024-08-07T05:04:49.317Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-1183 (GCVE-0-2009-1183)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T05:04:49.221Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "1022072", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022072" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "oval:org.mitre.oval:def:10769", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34959" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "1022072", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022072" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35618" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "oval:org.mitre.oval:def:10769", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34959" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-1183", "datePublished": "2009-04-23T17:00:00", "dateReserved": "2009-03-31T00:00:00", "dateUpdated": "2024-08-07T05:04:49.221Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-1179 (GCVE-0-2009-1179)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T05:04:49.216Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34963" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3639" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "ADV-2009-1621", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "APPLE-SA-2009-06-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "ADV-2009-1522", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35618" }, { "name": "APPLE-SA-2009-06-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35065" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34991" }, { "name": "35379", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35379" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34959" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3613" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022073" }, { "name": "oval:org.mitre.oval:def:11892", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34963" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3639" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "ADV-2009-1621", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "APPLE-SA-2009-06-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "ADV-2009-1522", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35618" }, { "name": "APPLE-SA-2009-06-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35065" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34991" }, { "name": "35379", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35379" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34959" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3613" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022073" }, { "name": "oval:org.mitre.oval:def:11892", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-1179", "datePublished": "2009-04-23T17:00:00", "dateReserved": "2009-03-31T00:00:00", "dateUpdated": "2024-08-07T05:04:49.216Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-1187 (GCVE-0-2009-1187)
Vulnerability from cvelistv5
Published
2009-04-23 19:11
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T05:04:49.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35064" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "poppler-jbig2-cairooutputdev-code-excution(50184)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35618" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "oval:org.mitre.oval:def:10292", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292" }, { "name": "20090417 rPSA-2009-0059-1 poppler", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34746" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35064" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "poppler-jbig2-cairooutputdev-code-excution(50184)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35618" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "oval:org.mitre.oval:def:10292", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292" }, { "name": "20090417 rPSA-2009-0059-1 poppler", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34746" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-1187", "datePublished": "2009-04-23T19:11:00", "dateReserved": "2009-03-31T00:00:00", "dateUpdated": "2024-08-07T05:04:49.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-0800 (GCVE-0-2009-0800)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T04:48:52.150Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35618" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34959" }, { "name": "oval:org.mitre.oval:def:11323", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022073" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple \"input validation flaws\" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1793", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1793" }, { "name": "34963", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34963" }, { "name": "DSA-1790", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1790" }, { "name": "35037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35037" }, { "name": "ADV-2009-1077", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1077" }, { "name": "35064", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35064" }, { "name": "ADV-2009-1066", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1066" }, { "name": "34481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34481" }, { "name": "SSA:2009-129-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477" }, { "name": "RHSA-2009:0431", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html" }, { "name": "ADV-2009-1065", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1065" }, { "name": "RHSA-2009:0430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html" }, { "name": "FEDORA-2009-6972", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html" }, { "name": "35618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35618" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35065" }, { "name": "RHSA-2009:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/releases.html" }, { "name": "34568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34568" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "VU#196617", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/196617" }, { "name": "ADV-2010-1040", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1040" }, { "name": "SUSE-SA:2009:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html" }, { "name": "RHSA-2009:0458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html" }, { "name": "FEDORA-2009-6982", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html" }, { "name": "34991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34991" }, { "name": "MDVSA-2009:101", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101" }, { "name": "MDVSA-2010:087", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "35685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35685" }, { "name": "ADV-2009-1076", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1076" }, { "name": "34756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34756" }, { "name": "34291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34291" }, { "name": "34755", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34755" }, { "name": "34852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34852" }, { "name": "SUSE-SR:2009:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "name": "FEDORA-2009-6973", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html" }, { "name": "34959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34959" }, { "name": "oval:org.mitre.oval:def:11323", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323" }, { "name": "34746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34746" }, { "name": "RHSA-2009:0429", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html" }, { "name": "1022073", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022073" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-0800", "datePublished": "2009-04-23T17:00:00", "dateReserved": "2009-03-04T00:00:00", "dateUpdated": "2024-08-07T04:48:52.150Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-3608 (GCVE-0-2009-3608)
Vulnerability from cvelistv5
Published
2009-10-21 17:00
Modified
2024-08-07 06:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:31:10.520Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39938" }, { "name": "RHSA-2009:1504", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "name": "DSA-1941", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "name": "MDVSA-2009:287", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637" }, { "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "name": "37028", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37028" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://poppler.freedesktop.org/" }, { "name": "RHSA-2009:1501", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "name": "37079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37079" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "[oss-security] 20091130 Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37159" }, { "name": "37054", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37054" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "RHSA-2009:1512", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37114" }, { "name": "37077", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37077" }, { "name": "1023029", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1023029" }, { "name": "RHSA-2009:1503", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "name": "ADV-2009-2926", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2926" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "37037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37037" }, { "name": "USN-850-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "RHSA-2009:1502", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "name": "xpdf-objectstream-bo(53794)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53794" }, { "name": "ADV-2009-2928", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "name": "RHSA-2009:1513", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html" }, { "name": "37034", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37034" }, { "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "name": "ADV-2009-2924", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "name": "37051", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37051" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "37053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37053" }, { "name": "37061", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37061" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39327" }, { "name": "37043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37043" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.ocert.org/advisories/ocert-2009-016.html" }, { "name": "oval:org.mitre.oval:def:9536", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536" }, { "name": "36703", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/36703" }, { "name": "ADV-2009-2925", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "name": "MDVSA-2009:334", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-10-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "39938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39938" }, { "name": "RHSA-2009:1504", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1504.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch" }, { "name": "DSA-1941", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "name": "MDVSA-2009:287", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637" }, { "name": "[oss-security] 20091201 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/6" }, { "name": "37028", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37028" }, { "name": "FEDORA-2010-1377", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html" }, { "name": "FEDORA-2009-10823", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://poppler.freedesktop.org/" }, { "name": "RHSA-2009:1501", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "name": "37079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37079" }, { "name": "SUSE-SR:2009:018", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" }, { "name": "DSA-2028", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2028" }, { "name": "DSA-2050", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2050" }, { "name": "[oss-security] 20091130 Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/1" }, { "name": "37159", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37159" }, { "name": "37054", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37054" }, { "name": "FEDORA-2010-1805", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html" }, { "name": "1021706", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1" }, { "name": "FEDORA-2009-10845", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html" }, { "name": "RHSA-2009:1512", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "name": "37114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37114" }, { "name": "37077", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37077" }, { "name": "1023029", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023029" }, { "name": "RHSA-2009:1503", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "name": "ADV-2009-2926", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2926" }, { "name": "MDVSA-2011:175", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" }, { "name": "37037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37037" }, { "name": "USN-850-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-3" }, { "name": "ADV-2010-0802", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0802" }, { "name": "RHSA-2009:1502", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "name": "FEDORA-2010-1842", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html" }, { "name": "xpdf-objectstream-bo(53794)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53794" }, { "name": "ADV-2009-2928", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "name": "RHSA-2009:1513", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1513.html" }, { "name": "37034", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37034" }, { "name": "[oss-security] 20091130 Re: Need more information on recent poppler issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/12/01/5" }, { "name": "ADV-2009-2924", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2924" }, { "name": "37051", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37051" }, { "name": "274030", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1" }, { "name": "ADV-2010-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1220" }, { "name": "USN-850-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "name": "37053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37053" }, { "name": "37061", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37061" }, { "name": "39327", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39327" }, { "name": "37043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37043" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.ocert.org/advisories/ocert-2009-016.html" }, { "name": "oval:org.mitre.oval:def:9536", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536" }, { "name": "36703", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/36703" }, { "name": "ADV-2009-2925", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2925" }, { "name": "MDVSA-2009:334", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-3608", "datePublished": "2009-10-21T17:00:00", "dateReserved": "2009-10-09T00:00:00", "dateUpdated": "2024-08-07T06:31:10.520Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-2818 (GCVE-0-2017-2818)
Vulnerability from cvelistv5
Published
2017-07-12 17:00
Modified
2024-09-17 04:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- heap overflow
Summary
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:02:07.753Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "99497", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99497" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Poppler", "vendor": "Poppler", "versions": [ { "status": "affected", "version": "0.53.0" } ] } ], "datePublic": "2017-07-11T00:00:00", "descriptions": [ { "lang": "en", "value": "An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "heap overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T18:22:47", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos" }, "references": [ { "name": "99497", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99497" }, { "tags": [ "x_refsource_MISC" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "talos-cna@cisco.com", "DATE_PUBLIC": "2017-07-11T00:00:00", "ID": "CVE-2017-2818", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Poppler", "version": { "version_data": [ { "version_value": "0.53.0" } ] } } ] }, "vendor_name": "Poppler" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability." } ] }, "impact": { "cvss": { "baseScore": 7.5, "baseSeverity": "High", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "heap overflow" } ] } ] }, "references": { "reference_data": [ { "name": "99497", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99497" }, { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319", "refsource": "MISC", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319" } ] } } } }, "cveMetadata": { "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2017-2818", "datePublished": "2017-07-12T17:00:00Z", "dateReserved": "2016-12-01T00:00:00", "dateUpdated": "2024-09-17T04:29:31.861Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }