CVE-2009-1179

Severity

68%

Complexity

86%

Confidentiality

106%

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

First reported 16 years ago

2009-04-23 17:30:00

Last updated 6 years ago

2019-03-06 16:30:00

Affected Software

Glyph & Cog XpdfReader 0.2

0.2

Glyph & Cog XpdfReader 0.3

0.3

Glyph & Cog XpdfReader 0.4

0.4

Glyph & Cog XpdfReader 0.5

0.5

Glyph & Cog XpdfReader 0.6

0.6

Glyph & Cog XpdfReader 0.7

0.7

Glyph & Cog XpdfReader 0.80

0.80

Glyph & Cog XpdfReader 0.90

0.90

Glyph & Cog XpdfReader 0.91

0.91

Glyph & Cog XpdfReader 0.92

0.92

Glyph & Cog XpdfReader 0.93

0.93

Glyph & Cog XpdfReader 1.00

1.00

Glyph & Cog XpdfReader 1.01

1.01

Glyph & Cog XpdfReader 2.00

2.00

Glyph & Cog XpdfReader 2.01

2.01

Glyph & Cog XpdfReader 2.02

2.02

Glyph & Cog XpdfReader 2.03

2.03

Glyph & Cog XpdfReader 3.00

3.00

Glyph & Cog XpdfReader 3.01

3.01

Apple CUPS 1.1

1.1

Apple CUPS 1.1.1

1.1.1

Apple CUPS 1.1.2

1.1.2

Apple CUPS 1.1.3

1.1.3

Apple CUPS 1.1.4

1.1.4

Apple CUPS 1.1.5

1.1.5

Apple CUPS 1.1.5-1

1.1.5-1

Apple CUPS 1.1.5-2

1.1.5-2

Apple CUPS 1.1.6

1.1.6

Apple CUPS 1.1.6-1

1.1.6-1

Apple CUPS 1.1.6-2

1.1.6-2

Apple CUPS 1.1.6-3

1.1.6-3

Apple CUPS 1.1.7

1.1.7

Apple CUPS 1.1.8

1.1.8

Apple CUPS 1.1.9

1.1.9

Apple CUPS 1.1.9-1

1.1.9-1

Apple CUPS 1.1.10

1.1.10

Apple CUPS 1.1.10-1

1.1.10-1

Apple CUPS 1.1.11

1.1.11

Apple CUPS 1.1.12

1.1.12

Apple CUPS 1.1.13

1.1.13

Apple CUPS 1.1.14

1.1.14

Apple CUPS 1.1.15

1.1.15

Apple CUPS 1.1.16

1.1.16

Apple CUPS 1.1.17

1.1.17

Apple CUPS 1.18

1.1.18

Apple CUPS 1.1.19

1.1.19

Apple CUPS 1.1.19 release candidate 1

1.1.19

Apple CUPS 1.1.19 release candidate 2

1.1.19

Apple CUPS 1.1.19 release candidate 3

1.1.19

Apple CUPS 1.1.19 release candidate 4

1.1.19

Apple CUPS 1.1.19 release candidate 5

1.1.19

Apple CUPS 1.1.20

1.1.20

Apple CUPS 1.1.20 release candidate 1

1.1.20

Apple CUPS 1.1.20 release candidate 2

1.1.20

Apple CUPS 1.1.20 release candidate 3

1.1.20

Apple CUPS 1.1.20 release candidate 4

1.1.20

Apple CUPS 1.1.20 release candidate 5

1.1.20

Apple CUPS 1.1.20 release candidate 6

1.1.20

Apple CUPS 1.1.21

1.1.21

Apple CUPS 1.1.21 release candidate 1

1.1.21

Apple CUPS 1.1.21 release candidate 2

1.1.21

Apple CUPS 1.1.22

1.1.22

Apple CUPS 1.1.22 release candidate 1

1.1.22

Apple CUPS 1.1.22 release candidate 2

1.1.22

Apple CUPS 1.1.23

1.1.23

Apple CUPS 1.1.23 release candidate 1

1.1.23

Apple CUPS 1.2.0

1.2.0

Apple CUPS 1.2.1

1.2.1

Apple CUPS 1.2.2

1.2.2

Apple CUPS 1.2.3

1.2.3

Apple CUPS 1.2.4

1.2.4

Apple CUPS 1.2.5

1.2.5

Apple CUPS 1.2.6

1.2.6

Apple CUPS 1.2.7

1.2.7

Apple CUPS 1.2.8

1.2.8

Apple CUPS 1.2.9

1.2.9

Apple CUPS 1.2.10

1.2.10

Apple CUPS 1.2.11

1.2.11

Apple CUPS 1.2.12

1.2.12

Apple CUPS 1.3.0

1.3.0

Apple CUPS 1.3.1

1.3.1

Apple CUPS 1.3.2

1.3.2

Apple CUPS 1.3.3

1.3.3

Apple CUPS 1.3.4

1.3.4

Apple CUPS 1.3.5

1.3.5

Apple CUPS 1.3.6

1.3.6

Apple CUPS 1.3.7

1.3.7

Apple CUPS 1.3.8

1.3.8

Apple Cups

Apple CUPS 1.3.10

1.3.10

Apple CUPS 1.3.11

1.3.11

References

APPLE-SA-2009-06-08-1

APPLE-SA-2009-06-17-1

SUSE-SA:2009:024

SUSE-SR:2009:010

SUSE-SR:2009:012

http://poppler.freedesktop.org/releases.html

RHSA-2009:0458

34291

Vendor Advisory

34481

Vendor Advisory

34746

Vendor Advisory

34755

Vendor Advisory

34756

Vendor Advisory

34852

Vendor Advisory

34959

Vendor Advisory

34963

Vendor Advisory

34991

Vendor Advisory

35037

Vendor Advisory

35064

Vendor Advisory

35065

Vendor Advisory

35379

Vendor Advisory

35618

Vendor Advisory

35685

Vendor Advisory

SSA:2009-129-01

http://support.apple.com/kb/HT3613

http://support.apple.com/kb/HT3639

DSA-1790

DSA-1793

VU#196617

US Government Resource

MDVSA-2009:101

MDVSA-2010:087

MDVSA-2011:175

RHSA-2009:0429

RHSA-2009:0430

Patch

RHSA-2009:0431

RHSA-2009:0480

34568

1022073

ADV-2009-1065

Vendor Advisory

ADV-2009-1066

Vendor Advisory

ADV-2009-1076

Vendor Advisory

ADV-2009-1077

Vendor Advisory

ADV-2009-1522

Vendor Advisory

ADV-2009-1621

Vendor Advisory

ADV-2010-1040

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=495889

oval:org.mitre.oval:def:11892

FEDORA-2009-6972

FEDORA-2009-6973

FEDORA-2009-6982

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.