7.5
CVE-2009-1182
- EPSS 7.35%
- Veröffentlicht 23.04.2009 17:30:01
- Zuletzt bearbeitet 16.06.2026 23:06:41
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Glyphandcog ≫ Xpdfreader Version <= 3.02
Glyphandcog ≫ Xpdfreader Version0.2
Glyphandcog ≫ Xpdfreader Version0.3
Glyphandcog ≫ Xpdfreader Version0.4
Glyphandcog ≫ Xpdfreader Version0.5
Glyphandcog ≫ Xpdfreader Version0.6
Glyphandcog ≫ Xpdfreader Version0.7
Glyphandcog ≫ Xpdfreader Version0.80
Glyphandcog ≫ Xpdfreader Version0.90
Glyphandcog ≫ Xpdfreader Version0.91
Glyphandcog ≫ Xpdfreader Version0.92
Glyphandcog ≫ Xpdfreader Version0.93
Glyphandcog ≫ Xpdfreader Version1.00
Glyphandcog ≫ Xpdfreader Version1.01
Glyphandcog ≫ Xpdfreader Version2.00
Glyphandcog ≫ Xpdfreader Version2.01
Glyphandcog ≫ Xpdfreader Version2.02
Glyphandcog ≫ Xpdfreader Version2.03
Glyphandcog ≫ Xpdfreader Version3.00
Glyphandcog ≫ Xpdfreader Version3.01
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.35% | 0.936 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
http://secunia.com/advisories/35065
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://secunia.com/advisories/35685
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
http://rhn.redhat.com/errata/RHSA-2009-0458.html
http://secunia.com/advisories/34291
http://secunia.com/advisories/34481
http://secunia.com/advisories/34755
http://secunia.com/advisories/34756
http://secunia.com/advisories/34852
http://secunia.com/advisories/34959
http://secunia.com/advisories/34963
http://secunia.com/advisories/34991
http://secunia.com/advisories/35037
http://secunia.com/advisories/35064
http://secunia.com/advisories/35618
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
http://www.debian.org/security/2009/dsa-1790
http://www.debian.org/security/2009/dsa-1793
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
http://www.redhat.com/support/errata/RHSA-2009-0429.html
http://www.redhat.com/support/errata/RHSA-2009-0430.html
http://www.redhat.com/support/errata/RHSA-2009-0431.html
http://www.redhat.com/support/errata/RHSA-2009-0480.html
http://www.securityfocus.com/bid/34568
http://www.securitytracker.com/id?1022073
http://www.vupen.com/english/advisories/2009/1065
http://www.vupen.com/english/advisories/2009/1066
http://www.vupen.com/english/advisories/2009/1077
http://www.vupen.com/english/advisories/2010/1040
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
http://poppler.freedesktop.org/releases.html
http://secunia.com/advisories/34746
http://www.kb.cert.org/vuls/id/196617
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
http://www.vupen.com/english/advisories/2009/1076
https://bugzilla.redhat.com/show_bug.cgi?id=495896
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735