CVE-2009-1182

Опубликовано: 23 апр. 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://poppler.freedesktop.org/releases.html
http://rhn.redhat.com/errata/RHSA-2009-0458.html
Vendor Advisory
http://secunia.com/advisories/34291
Vendor Advisory
http://secunia.com/advisories/34481
Vendor Advisory
http://secunia.com/advisories/34746
Vendor Advisory
http://secunia.com/advisories/34755
Vendor Advisory
http://secunia.com/advisories/34756
Vendor Advisory
http://secunia.com/advisories/34852
Vendor Advisory
http://secunia.com/advisories/34959
Vendor Advisory
http://secunia.com/advisories/34963
Vendor Advisory
http://secunia.com/advisories/34991
Vendor Advisory
http://secunia.com/advisories/35037
Vendor Advisory
http://secunia.com/advisories/35064
Vendor Advisory
http://secunia.com/advisories/35065
Vendor Advisory
http://secunia.com/advisories/35618
Vendor Advisory
http://secunia.com/advisories/35685
Vendor Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*

cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*

Версия до 3.02 (включая)

cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*

cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*

Версия до 0.10.5 (включая)

cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*

cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*

Версия до 1.3.9 (включая)

cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*

cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03762

Низкий

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2009-1182

ubuntu

около 16 лет назад

CVE-2009-1182

redhat

около 16 лет назад

CVE-2009-1182

debian

около 16 лет назад

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and ...

GHSA-rc72-3q8m-vx43

github

около 3 лет назад

BDU:2015-08481

fstec

около 16 лет назад

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 88%

0.03762

Низкий

7.5 High

CVSS2

Дефекты

CWE-119