5

CVE-2009-1188

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PopplerPoppler Version <= 0.10.5
PopplerPoppler Version0.1
PopplerPoppler Version0.1.1
PopplerPoppler Version0.1.2
PopplerPoppler Version0.2.0
PopplerPoppler Version0.3.0
PopplerPoppler Version0.3.1
PopplerPoppler Version0.3.2
PopplerPoppler Version0.3.3
PopplerPoppler Version0.4.0
PopplerPoppler Version0.4.1
PopplerPoppler Version0.4.2
PopplerPoppler Version0.4.3
PopplerPoppler Version0.4.4
PopplerPoppler Version0.5.0
PopplerPoppler Version0.5.1
PopplerPoppler Version0.5.2
PopplerPoppler Version0.5.3
PopplerPoppler Version0.5.4
PopplerPoppler Version0.5.9
PopplerPoppler Version0.5.90
PopplerPoppler Version0.5.91
PopplerPoppler Version0.6.0
PopplerPoppler Version0.6.1
PopplerPoppler Version0.6.2
PopplerPoppler Version0.6.3
PopplerPoppler Version0.6.4
PopplerPoppler Version0.7.0
PopplerPoppler Version0.7.1
PopplerPoppler Version0.7.2
PopplerPoppler Version0.7.3
PopplerPoppler Version0.8.0
PopplerPoppler Version0.8.1
PopplerPoppler Version0.8.2
PopplerPoppler Version0.8.3
PopplerPoppler Version0.8.4
PopplerPoppler Version0.8.5
PopplerPoppler Version0.8.6
PopplerPoppler Version0.8.7
PopplerPoppler Version0.9.0
PopplerPoppler Version0.9.1
PopplerPoppler Version0.9.2
PopplerPoppler Version0.9.3
PopplerPoppler Version0.10.0
PopplerPoppler Version0.10.1
PopplerPoppler Version0.10.2
PopplerPoppler Version0.10.3
PopplerPoppler Version0.10.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.23% 0.935
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://wiki.rpath.com/Advisories:rPSA-2009-0059
http://www.securityfocus.com/archive/1/502761/100/0/threaded
http://secunia.com/advisories/35064
http://secunia.com/advisories/35618
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
http://www.redhat.com/support/errata/RHSA-2009-0480.html
http://www.securityfocus.com/bid/34568
http://www.vupen.com/english/advisories/2010/1040
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
http://poppler.freedesktop.org/releases.html
http://secunia.com/advisories/34746
http://www.kb.cert.org/vuls/id/196617
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
http://www.vupen.com/english/advisories/2009/1076
http://bugs.gentoo.org/show_bug.cgi?id=263028#c16
Patch
https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
http://secunia.com/advisories/37028
http://secunia.com/advisories/37037
http://secunia.com/advisories/37043
http://secunia.com/advisories/37053
http://secunia.com/advisories/37077
http://secunia.com/advisories/37079
http://secunia.com/advisories/39327
http://secunia.com/advisories/39938
http://www.debian.org/security/2010/dsa-2028
http://www.debian.org/security/2010/dsa-2050
http://www.vupen.com/english/advisories/2009/2928
http://www.vupen.com/english/advisories/2010/0802
http://www.vupen.com/english/advisories/2010/1220
https://bugzilla.redhat.com/show_bug.cgi?id=495907
https://bugzilla.redhat.com/show_bug.cgi?id=526915
https://exchange.xforce.ibmcloud.com/vulnerabilities/50185
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957
https://rhn.redhat.com/errata/RHSA-2009-1501.html
https://rhn.redhat.com/errata/RHSA-2009-1502.html
https://rhn.redhat.com/errata/RHSA-2009-1503.html
https://rhn.redhat.com/errata/RHSA-2009-1512.html