Published: 23/04/2009 Updated: 06/03/2019

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Heap-based buffer overflow in Xpdf 3.02pl2 and previous versions, CUPS 1.3.9, and probably other products, allows remote malicious users to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.

Vulnerable Product	Search on Vulmon	Subscribe to Product
glyphandcog xpdfreader
glyphandcog xpdfreader 0.90
glyphandcog xpdfreader 0.6
foolabs xpdf 0.5a
foolabs xpdf 0.92c
foolabs xpdf 0.92d
glyphandcog xpdfreader 2.02
glyphandcog xpdfreader 2.00
glyphandcog xpdfreader 3.00
apple cups 1.3.9
glyphandcog xpdfreader 0.4
glyphandcog xpdfreader 0.3
glyphandcog xpdfreader 0.92
glyphandcog xpdfreader 0.91
foolabs xpdf 0.92e
glyphandcog xpdfreader 1.00
glyphandcog xpdfreader 1.01
foolabs xpdf 0.93b
glyphandcog xpdfreader 0.93
glyphandcog xpdfreader 0.80
foolabs xpdf 0.7a
glyphandcog xpdfreader 0.5
foolabs xpdf 0.91a
foolabs xpdf 0.92a
foolabs xpdf 0.92b
glyphandcog xpdfreader 2.01
foolabs xpdf 0.93a
glyphandcog xpdfreader 0.2
glyphandcog xpdfreader 0.7
foolabs xpdf 0.91c
foolabs xpdf 0.91b
foolabs xpdf 0.93c
foolabs xpdf 1.00a
glyphandcog xpdfreader 2.03
foolabs xpdf 3.0.1

PDF import support has been disabled in KWord due to many security vulnerabilities that could be used by an attacker to run programs as your login ...

Synopsis Important: xpdf security update Type/Severity Security Advisory: Important Topic An updated xpdf package that fixes multiple security issues is nowavailable for Red Hat Enterprise Linux 3 and 4This update has been rated as having important security impact by the RedHat Security Response Team ...

Synopsis Important: gpdf security update Type/Severity Security Advisory: Important Topic An updated gpdf package that fixes multiple security issues is nowavailable for Red Hat Enterprise Linux 4This update has been rated as having important security impact by the RedHat Security Response Team D ...

Synopsis Important: cups security update Type/Severity Security Advisory: Important Topic Updated cups packages that fix multiple security issues are now availablefor Red Hat Enterprise Linux 4 and 5This update has been rated as having important security impact by the RedHat Security Response Team ...

Synopsis Important: poppler security update Type/Severity Security Advisory: Important Topic Updated poppler packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5This update has been rated as having important security impact by the RedHat Security Response Team ...

Synopsis Important: kdegraphics security update Type/Severity Security Advisory: Important Topic Updated kdegraphics packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 4 and 5This update has been rated as having important security impact by the RedHat Security Response ...

CWE-119 http://secunia.com/secunia_research/2009-18/http://secunia.com/secunia_research/2009-17/http://secunia.com/advisories/34481 http://secunia.com/advisories/34291 http://secunia.com/advisories/34756 http://rhn.redhat.com/errata/RHSA-2009-0458.html http://secunia.com/advisories/34963 http://www.securityfocus.com/bid/34791 http://www.redhat.com/support/errata/RHSA-2009-0480.html http://secunia.com/advisories/35064 http://www.vupen.com/english/advisories/2010/1040 http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076 http://www.securityfocus.com/archive/1/502762/100/0/threaded http://www.securityfocus.com/archive/1/502759/100/0/threaded https://usn.ubuntu.com/973-1/https://nvd.nist.gov

CVE-2009-0195

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect