CVE-2009-0166

Severity

43%

Complexity

86%

Confidentiality

48%

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P).

Overview

First reported 15 years ago

2009-04-23 17:30:00

Last updated 5 years ago

2019-03-06 16:30:00

Affected Software

Glyph & Cog XpdfReader 0.2

0.2

Glyph & Cog XpdfReader 0.3

0.3

Glyph & Cog XpdfReader 0.4

0.4

Glyph & Cog XpdfReader 0.5

0.5

Glyph & Cog XpdfReader 0.6

0.6

Glyph & Cog XpdfReader 0.7

0.7

Glyph & Cog XpdfReader 0.80

0.80

Glyph & Cog XpdfReader 0.90

0.90

Glyph & Cog XpdfReader 0.91

0.91

Glyph & Cog XpdfReader 0.92

0.92

Glyph & Cog XpdfReader 0.93

0.93

Glyph & Cog XpdfReader 1.00

1.00

Glyph & Cog XpdfReader 1.01

1.01

Glyph & Cog XpdfReader 2.00

2.00

Glyph & Cog XpdfReader 2.01

2.01

Glyph & Cog XpdfReader 2.02

2.02

Glyph & Cog XpdfReader 2.03

2.03

Glyph & Cog XpdfReader 3.00

3.00

Glyph & Cog XpdfReader 3.01

3.01

Apple CUPS 1.1

1.1

Apple CUPS 1.1.1

1.1.1

Apple CUPS 1.1.2

1.1.2

Apple CUPS 1.1.3

1.1.3

Apple CUPS 1.1.4

1.1.4

Apple CUPS 1.1.5

1.1.5

Apple CUPS 1.1.5-1

1.1.5-1

Apple CUPS 1.1.5-2

1.1.5-2

Apple CUPS 1.1.6

1.1.6

Apple CUPS 1.1.6-1

1.1.6-1

Apple CUPS 1.1.6-2

1.1.6-2

Apple CUPS 1.1.6-3

1.1.6-3

Apple CUPS 1.1.7

1.1.7

Apple CUPS 1.1.8

1.1.8

Apple CUPS 1.1.9

1.1.9

Apple CUPS 1.1.9-1

1.1.9-1

Apple CUPS 1.1.10

1.1.10

Apple CUPS 1.1.10-1

1.1.10-1

Apple CUPS 1.1.11

1.1.11

Apple CUPS 1.1.12

1.1.12

Apple CUPS 1.1.13

1.1.13

Apple CUPS 1.1.14

1.1.14

Apple CUPS 1.1.15

1.1.15

Apple CUPS 1.1.16

1.1.16

Apple CUPS 1.1.17

1.1.17

Apple CUPS 1.18

1.1.18

Apple CUPS 1.1.19

1.1.19

Apple CUPS 1.1.19 release candidate 1

1.1.19

Apple CUPS 1.1.19 release candidate 2

1.1.19

Apple CUPS 1.1.19 release candidate 3

1.1.19

Apple CUPS 1.1.19 release candidate 4

1.1.19

Apple CUPS 1.1.19 release candidate 5

1.1.19

Apple CUPS 1.1.20

1.1.20

Apple CUPS 1.1.20 release candidate 1

1.1.20

Apple CUPS 1.1.20 release candidate 2

1.1.20

Apple CUPS 1.1.20 release candidate 3

1.1.20

Apple CUPS 1.1.20 release candidate 4

1.1.20

Apple CUPS 1.1.20 release candidate 5

1.1.20

Apple CUPS 1.1.20 release candidate 6

1.1.20

Apple CUPS 1.1.21

1.1.21

Apple CUPS 1.1.21 release candidate 1

1.1.21

Apple CUPS 1.1.21 release candidate 2

1.1.21

Apple CUPS 1.1.22

1.1.22

Apple CUPS 1.1.22 release candidate 1

1.1.22

Apple CUPS 1.1.22 release candidate 2

1.1.22

Apple CUPS 1.1.23

1.1.23

Apple CUPS 1.1.23 release candidate 1

1.1.23

Apple CUPS 1.2.0

1.2.0

Apple CUPS 1.2.1

1.2.1

Apple CUPS 1.2.2

1.2.2

Apple CUPS 1.2.3

1.2.3

Apple CUPS 1.2.4

1.2.4

Apple CUPS 1.2.5

1.2.5

Apple CUPS 1.2.6

1.2.6

Apple CUPS 1.2.7

1.2.7

Apple CUPS 1.2.8

1.2.8

Apple CUPS 1.2.9

1.2.9

Apple CUPS 1.2.10

1.2.10

Apple CUPS 1.2.11

1.2.11

Apple CUPS 1.2.12

1.2.12

Apple CUPS 1.3.0

1.3.0

Apple CUPS 1.3.1

1.3.1

Apple CUPS 1.3.2

1.3.2

Apple CUPS 1.3.3

1.3.3

Apple CUPS 1.3.4

1.3.4

Apple CUPS 1.3.5

1.3.5

Apple CUPS 1.3.6

1.3.6

Apple CUPS 1.3.7

1.3.7

Apple CUPS 1.3.8

1.3.8

Apple Cups

Apple CUPS 1.3.10

1.3.10

Apple CUPS 1.3.11

1.3.11

References

SUSE-SA:2009:024

SUSE-SR:2009:010

SUSE-SR:2009:012

RHSA-2009:0458

Patch

34291

Vendor Advisory

34481

Vendor Advisory

34755

Vendor Advisory

34756

Vendor Advisory

34852

Vendor Advisory

34959

Vendor Advisory

34963

Vendor Advisory

34991

Vendor Advisory

35037

Vendor Advisory

35064

Vendor Advisory

35065

Vendor Advisory

35618

Vendor Advisory

35685

Vendor Advisory

GLSA-200904-20

SSA:2009-129-01

http://wiki.rpath.com/Advisories:rPSA-2009-0061

DSA-1790

Patch

DSA-1793

Patch

MDVSA-2009:101

MDVSA-2010:087

RHSA-2009:0429

Patch

RHSA-2009:0430

Patch

RHSA-2009:0431

Patch

RHSA-2009:0480

Patch

20090417 rPSA-2009-0061-1 cups

34568

Patch

1022073

ADV-2009-1065

Vendor Advisory

ADV-2009-1066

Patch, Vendor Advisory

ADV-2009-1077

Vendor Advisory

ADV-2010-1040

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=490625

oval:org.mitre.oval:def:9778

FEDORA-2009-6972

FEDORA-2009-6973

FEDORA-2009-6982

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.