4.3

CVE-2009-0146

Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FoolabsXpdf Version0.5a
FoolabsXpdf Version0.7a
FoolabsXpdf Version0.91a
FoolabsXpdf Version0.91b
FoolabsXpdf Version0.91c
FoolabsXpdf Version0.92a
FoolabsXpdf Version0.92b
FoolabsXpdf Version0.92c
FoolabsXpdf Version0.92d
FoolabsXpdf Version0.92e
FoolabsXpdf Version0.93a
FoolabsXpdf Version0.93b
FoolabsXpdf Version0.93c
FoolabsXpdf Version1.00a
GlyphandcogXpdfreader Version <= 3.02
GlyphandcogXpdfreader Version0.2
GlyphandcogXpdfreader Version0.3
GlyphandcogXpdfreader Version0.4
GlyphandcogXpdfreader Version0.5
GlyphandcogXpdfreader Version0.6
GlyphandcogXpdfreader Version0.7
GlyphandcogXpdfreader Version0.80
GlyphandcogXpdfreader Version0.90
GlyphandcogXpdfreader Version0.91
GlyphandcogXpdfreader Version0.92
GlyphandcogXpdfreader Version0.93
GlyphandcogXpdfreader Version1.00
GlyphandcogXpdfreader Version1.01
GlyphandcogXpdfreader Version2.00
GlyphandcogXpdfreader Version2.01
GlyphandcogXpdfreader Version2.02
GlyphandcogXpdfreader Version2.03
GlyphandcogXpdfreader Version3.00
GlyphandcogXpdfreader Version3.01
AppleCups Version <= 1.3.9
AppleCups Version1.1
AppleCups Version1.1.1
AppleCups Version1.1.2
AppleCups Version1.1.3
AppleCups Version1.1.4
AppleCups Version1.1.5
AppleCups Version1.1.5-1
AppleCups Version1.1.5-2
AppleCups Version1.1.6
AppleCups Version1.1.6-1
AppleCups Version1.1.6-2
AppleCups Version1.1.6-3
AppleCups Version1.1.7
AppleCups Version1.1.8
AppleCups Version1.1.9
AppleCups Version1.1.9-1
AppleCups Version1.1.10
AppleCups Version1.1.10-1
AppleCups Version1.1.11
AppleCups Version1.1.12
AppleCups Version1.1.13
AppleCups Version1.1.14
AppleCups Version1.1.15
AppleCups Version1.1.16
AppleCups Version1.1.17
AppleCups Version1.1.18
AppleCups Version1.1.19
AppleCups Version1.1.19 Updaterc1
AppleCups Version1.1.19 Updaterc2
AppleCups Version1.1.19 Updaterc3
AppleCups Version1.1.19 Updaterc4
AppleCups Version1.1.19 Updaterc5
AppleCups Version1.1.20
AppleCups Version1.1.20 Updaterc1
AppleCups Version1.1.20 Updaterc2
AppleCups Version1.1.20 Updaterc3
AppleCups Version1.1.20 Updaterc4
AppleCups Version1.1.20 Updaterc5
AppleCups Version1.1.20 Updaterc6
AppleCups Version1.1.21
AppleCups Version1.1.21 Updaterc1
AppleCups Version1.1.21 Updaterc2
AppleCups Version1.1.22
AppleCups Version1.1.22 Updaterc1
AppleCups Version1.1.22 Updaterc2
AppleCups Version1.1.23
AppleCups Version1.1.23 Updaterc1
AppleCups Version1.2.0
AppleCups Version1.2.1
AppleCups Version1.2.2
AppleCups Version1.2.3
AppleCups Version1.2.4
AppleCups Version1.2.5
AppleCups Version1.2.6
AppleCups Version1.2.7
AppleCups Version1.2.8
AppleCups Version1.2.9
AppleCups Version1.2.10
AppleCups Version1.2.11
AppleCups Version1.2.12
AppleCups Version1.3.0
AppleCups Version1.3.1
AppleCups Version1.3.2
AppleCups Version1.3.3
AppleCups Version1.3.4
AppleCups Version1.3.5
AppleCups Version1.3.6
AppleCups Version1.3.7
AppleCups Version1.3.8
AppleCups Version1.3.10
AppleCups Version1.3.11
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.17% 0.829
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.