6.8

CVE-2009-1180

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FoolabsXpdf Version0.5a
FoolabsXpdf Version0.7a
FoolabsXpdf Version0.91a
FoolabsXpdf Version0.91b
FoolabsXpdf Version0.91c
FoolabsXpdf Version0.92a
FoolabsXpdf Version0.92b
FoolabsXpdf Version0.92c
FoolabsXpdf Version0.92d
FoolabsXpdf Version0.92e
FoolabsXpdf Version0.93a
FoolabsXpdf Version0.93b
FoolabsXpdf Version0.93c
FoolabsXpdf Version1.00a
GlyphandcogXpdfreader Version <= 3.02
GlyphandcogXpdfreader Version0.2
GlyphandcogXpdfreader Version0.3
GlyphandcogXpdfreader Version0.4
GlyphandcogXpdfreader Version0.5
GlyphandcogXpdfreader Version0.6
GlyphandcogXpdfreader Version0.7
GlyphandcogXpdfreader Version0.80
GlyphandcogXpdfreader Version0.90
GlyphandcogXpdfreader Version0.91
GlyphandcogXpdfreader Version0.92
GlyphandcogXpdfreader Version0.93
GlyphandcogXpdfreader Version1.00
GlyphandcogXpdfreader Version1.01
GlyphandcogXpdfreader Version2.00
GlyphandcogXpdfreader Version2.01
GlyphandcogXpdfreader Version2.02
GlyphandcogXpdfreader Version2.03
GlyphandcogXpdfreader Version3.00
GlyphandcogXpdfreader Version3.01
PopplerPoppler Version <= 0.10.5
PopplerPoppler Version0.1
PopplerPoppler Version0.1.1
PopplerPoppler Version0.1.2
PopplerPoppler Version0.2.0
PopplerPoppler Version0.3.0
PopplerPoppler Version0.3.1
PopplerPoppler Version0.3.2
PopplerPoppler Version0.3.3
PopplerPoppler Version0.4.0
PopplerPoppler Version0.4.1
PopplerPoppler Version0.4.2
PopplerPoppler Version0.4.3
PopplerPoppler Version0.4.4
PopplerPoppler Version0.5.0
PopplerPoppler Version0.5.1
PopplerPoppler Version0.5.2
PopplerPoppler Version0.5.3
PopplerPoppler Version0.5.4
PopplerPoppler Version0.5.9
PopplerPoppler Version0.5.90
PopplerPoppler Version0.5.91
PopplerPoppler Version0.6.0
PopplerPoppler Version0.6.1
PopplerPoppler Version0.6.2
PopplerPoppler Version0.6.3
PopplerPoppler Version0.6.4
PopplerPoppler Version0.7.0
PopplerPoppler Version0.7.1
PopplerPoppler Version0.7.2
PopplerPoppler Version0.7.3
PopplerPoppler Version0.8.0
PopplerPoppler Version0.8.1
PopplerPoppler Version0.8.2
PopplerPoppler Version0.8.3
PopplerPoppler Version0.8.4
PopplerPoppler Version0.8.5
PopplerPoppler Version0.8.6
PopplerPoppler Version0.8.7
PopplerPoppler Version0.9.0
PopplerPoppler Version0.9.1
PopplerPoppler Version0.9.2
PopplerPoppler Version0.9.3
PopplerPoppler Version0.10.0
PopplerPoppler Version0.10.1
PopplerPoppler Version0.10.2
PopplerPoppler Version0.10.3
PopplerPoppler Version0.10.4
AppleCups Version <= 1.3.9
AppleCups Version1.1
AppleCups Version1.1.1
AppleCups Version1.1.2
AppleCups Version1.1.3
AppleCups Version1.1.4
AppleCups Version1.1.5
AppleCups Version1.1.5-1
AppleCups Version1.1.5-2
AppleCups Version1.1.6
AppleCups Version1.1.6-1
AppleCups Version1.1.6-2
AppleCups Version1.1.6-3
AppleCups Version1.1.7
AppleCups Version1.1.8
AppleCups Version1.1.9
AppleCups Version1.1.9-1
AppleCups Version1.1.10
AppleCups Version1.1.10-1
AppleCups Version1.1.11
AppleCups Version1.1.12
AppleCups Version1.1.13
AppleCups Version1.1.14
AppleCups Version1.1.15
AppleCups Version1.1.16
AppleCups Version1.1.17
AppleCups Version1.1.18
AppleCups Version1.1.19
AppleCups Version1.1.19 Updaterc1
AppleCups Version1.1.19 Updaterc2
AppleCups Version1.1.19 Updaterc3
AppleCups Version1.1.19 Updaterc4
AppleCups Version1.1.19 Updaterc5
AppleCups Version1.1.20
AppleCups Version1.1.20 Updaterc1
AppleCups Version1.1.20 Updaterc2
AppleCups Version1.1.20 Updaterc3
AppleCups Version1.1.20 Updaterc4
AppleCups Version1.1.20 Updaterc5
AppleCups Version1.1.20 Updaterc6
AppleCups Version1.1.21
AppleCups Version1.1.21 Updaterc1
AppleCups Version1.1.21 Updaterc2
AppleCups Version1.1.22
AppleCups Version1.1.22 Updaterc1
AppleCups Version1.1.22 Updaterc2
AppleCups Version1.1.23
AppleCups Version1.1.23 Updaterc1
AppleCups Version1.2.0
AppleCups Version1.2.1
AppleCups Version1.2.2
AppleCups Version1.2.3
AppleCups Version1.2.4
AppleCups Version1.2.5
AppleCups Version1.2.6
AppleCups Version1.2.7
AppleCups Version1.2.8
AppleCups Version1.2.9
AppleCups Version1.2.10
AppleCups Version1.2.11
AppleCups Version1.2.12
AppleCups Version1.3.0
AppleCups Version1.3.1
AppleCups Version1.3.2
AppleCups Version1.3.3
AppleCups Version1.3.4
AppleCups Version1.3.5
AppleCups Version1.3.6
AppleCups Version1.3.7
AppleCups Version1.3.8
AppleCups Version1.3.10
AppleCups Version1.3.11
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.41% 0.917
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
http://secunia.com/advisories/35065
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://secunia.com/advisories/35685
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
http://rhn.redhat.com/errata/RHSA-2009-0458.html
Patch
http://secunia.com/advisories/34291
Vendor Advisory
http://secunia.com/advisories/34481
Vendor Advisory
http://secunia.com/advisories/34755
Vendor Advisory
http://secunia.com/advisories/34756
Vendor Advisory
http://secunia.com/advisories/34852
Vendor Advisory
http://secunia.com/advisories/34959
Vendor Advisory
http://secunia.com/advisories/34963
Vendor Advisory
http://secunia.com/advisories/34991
Vendor Advisory
http://secunia.com/advisories/35037
Vendor Advisory
http://secunia.com/advisories/35064
Vendor Advisory
http://secunia.com/advisories/35618
Vendor Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
http://www.debian.org/security/2009/dsa-1790
Patch
http://www.debian.org/security/2009/dsa-1793
Patch
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
http://www.redhat.com/support/errata/RHSA-2009-0429.html
Patch
http://www.redhat.com/support/errata/RHSA-2009-0430.html
Patch
http://www.redhat.com/support/errata/RHSA-2009-0431.html
Patch
http://www.redhat.com/support/errata/RHSA-2009-0480.html
Patch
http://www.securityfocus.com/bid/34568
Patch
http://www.securitytracker.com/id?1022073
http://www.vupen.com/english/advisories/2009/1065
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1066
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1077
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1040
Vendor Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
http://poppler.freedesktop.org/releases.html
Patch
Vendor Advisory
http://secunia.com/advisories/34746
Vendor Advisory
http://www.kb.cert.org/vuls/id/196617
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
http://www.vupen.com/english/advisories/2009/1076
Patch
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=495892
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926