Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-3606

Опубликовано: 21 окт. 2009
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 9.3

Описание

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was needs-triage
cosmic

ignored

end of life
dapper

ignored

end of life
devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

not-affected

linked to poppler
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

does not use xpdf anymore
cosmic

ignored

end of life
dapper

ignored

end of life
devel

not-affected

does not use xpdf anymore
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

not-affected

does not use xpdf anymore
esm-apps/focal

not-affected

does not use xpdf anymore
esm-apps/jammy

not-affected

does not use xpdf anymore

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

bionic

not-affected

cosmic

not-affected

dapper

released

0.5.1-0ubuntu7.6
devel

not-affected

disco

not-affected

eoan

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
esm-infra/bionic

not-affected

esm-infra/focal

not-affected

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

not-affected

linked to poppler
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

linked to poppler
bionic

not-affected

linked to poppler
cosmic

not-affected

linked to poppler
dapper

DNE

devel

not-affected

linked to poppler
disco

not-affected

linked to poppler
eoan

not-affected

linked to poppler
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [linked to poppler]]
esm-infra/bionic

not-affected

linked to poppler
esm-infra/focal

not-affected

linked to poppler

Показывать по

РелизСтатусПримечание
artful

not-affected

3.02-2
bionic

not-affected

3.02-2
cosmic

not-affected

3.02-2
dapper

ignored

end of life
devel

not-affected

disco

not-affected

3.02-2
eoan

not-affected

3.02-2
esm-apps/bionic

not-affected

3.02-2
esm-apps/jammy

not-affected

esm-apps/noble

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 90%
0.06276
Низкий

9.3 Critical

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-3606

redhat
больше 15 лет назад

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

nvd логотип

CVE-2009-3606

nvd
больше 15 лет назад

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

debian логотип

CVE-2009-3606

debian
больше 15 лет назад

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf bef ...

github логотип

GHSA-75g3-x63m-xg86

github
около 3 лет назад

Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.

fstec логотип

BDU:2015-02169

fstec
больше 10 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 90%
0.06276
Низкий

9.3 Critical

CVSS2

Уязвимость CVE-2009-3606