Lucene search

[email protected]NVD:CVE-2009-1179

HistoryApr 23, 2009 - 5:30 p.m.

CVE-2009-1179

2009-04-2317:30:01

CWE-189

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.239 Low

EPSS

Percentile

96.6%

JSON

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

Affected configurations

NVD

Node

foolabsxpdfMatch0.5a

foolabsxpdfMatch0.7a

foolabsxpdfMatch0.91a

foolabsxpdfMatch0.91b

foolabsxpdfMatch0.91c

foolabsxpdfMatch0.92a

foolabsxpdfMatch0.92b

foolabsxpdfMatch0.92c

foolabsxpdfMatch0.92d

foolabsxpdfMatch0.92e

foolabsxpdfMatch0.93a

foolabsxpdfMatch0.93b

foolabsxpdfMatch0.93c

foolabsxpdfMatch1.00a

glyphandcogxpdfreaderRange≤3.02

glyphandcogxpdfreaderMatch0.2

glyphandcogxpdfreaderMatch0.3

glyphandcogxpdfreaderMatch0.4

glyphandcogxpdfreaderMatch0.5

glyphandcogxpdfreaderMatch0.6

glyphandcogxpdfreaderMatch0.7

glyphandcogxpdfreaderMatch0.80

glyphandcogxpdfreaderMatch0.90

glyphandcogxpdfreaderMatch0.91

glyphandcogxpdfreaderMatch0.92

glyphandcogxpdfreaderMatch0.93

glyphandcogxpdfreaderMatch1.00

glyphandcogxpdfreaderMatch1.01

glyphandcogxpdfreaderMatch2.00

glyphandcogxpdfreaderMatch2.01

glyphandcogxpdfreaderMatch2.02

glyphandcogxpdfreaderMatch2.03

glyphandcogxpdfreaderMatch3.00

glyphandcogxpdfreaderMatch3.01

Node

popplerpopplerRange≤0.10.5

popplerpopplerMatch0.1

popplerpopplerMatch0.1.1

popplerpopplerMatch0.1.2

popplerpopplerMatch0.2.0

popplerpopplerMatch0.3.0

popplerpopplerMatch0.3.1

popplerpopplerMatch0.3.2

popplerpopplerMatch0.3.3

popplerpopplerMatch0.4.0

popplerpopplerMatch0.4.1

popplerpopplerMatch0.4.2

popplerpopplerMatch0.4.3

popplerpopplerMatch0.4.4

popplerpopplerMatch0.5.0

popplerpopplerMatch0.5.1

popplerpopplerMatch0.5.2

popplerpopplerMatch0.5.3

popplerpopplerMatch0.5.4

popplerpopplerMatch0.5.9

popplerpopplerMatch0.5.90

popplerpopplerMatch0.5.91

popplerpopplerMatch0.6.0

popplerpopplerMatch0.6.1

popplerpopplerMatch0.6.2

popplerpopplerMatch0.6.3

popplerpopplerMatch0.6.4

popplerpopplerMatch0.7.0

popplerpopplerMatch0.7.1

popplerpopplerMatch0.7.2

popplerpopplerMatch0.7.3

popplerpopplerMatch0.8.0

popplerpopplerMatch0.8.1

popplerpopplerMatch0.8.2

popplerpopplerMatch0.8.3

popplerpopplerMatch0.8.4

popplerpopplerMatch0.8.5

popplerpopplerMatch0.8.6

popplerpopplerMatch0.8.7

popplerpopplerMatch0.9.0

popplerpopplerMatch0.9.1

popplerpopplerMatch0.9.2

popplerpopplerMatch0.9.3

popplerpopplerMatch0.10.0

popplerpopplerMatch0.10.1

popplerpopplerMatch0.10.2

popplerpopplerMatch0.10.3

popplerpopplerMatch0.10.4

Node

applecupsRange≤1.3.9

applecupsMatch1.1

applecupsMatch1.1.1

applecupsMatch1.1.2

applecupsMatch1.1.3

applecupsMatch1.1.4

applecupsMatch1.1.5

applecupsMatch1.1.5-1

applecupsMatch1.1.5-2

applecupsMatch1.1.6

applecupsMatch1.1.6-1

applecupsMatch1.1.6-2

applecupsMatch1.1.6-3

applecupsMatch1.1.7

applecupsMatch1.1.8

applecupsMatch1.1.9

applecupsMatch1.1.9-1

applecupsMatch1.1.10

applecupsMatch1.1.10-1

applecupsMatch1.1.11

applecupsMatch1.1.12

applecupsMatch1.1.13

applecupsMatch1.1.14

applecupsMatch1.1.15

applecupsMatch1.1.16

applecupsMatch1.1.17

applecupsMatch1.1.18

applecupsMatch1.1.19

applecupsMatch1.1.19rc1

applecupsMatch1.1.19rc2

applecupsMatch1.1.19rc3

applecupsMatch1.1.19rc4

applecupsMatch1.1.19rc5

applecupsMatch1.1.20

applecupsMatch1.1.20rc1

applecupsMatch1.1.20rc2

applecupsMatch1.1.20rc3

applecupsMatch1.1.20rc4

applecupsMatch1.1.20rc5

applecupsMatch1.1.20rc6

applecupsMatch1.1.21

applecupsMatch1.1.21rc1

applecupsMatch1.1.21rc2

applecupsMatch1.1.22

applecupsMatch1.1.22rc1

applecupsMatch1.1.22rc2

applecupsMatch1.1.23

applecupsMatch1.1.23rc1

applecupsMatch1.2.0

applecupsMatch1.2.1

applecupsMatch1.2.2

applecupsMatch1.2.3

applecupsMatch1.2.4

applecupsMatch1.2.5

applecupsMatch1.2.6

applecupsMatch1.2.7

applecupsMatch1.2.8

applecupsMatch1.2.9

applecupsMatch1.2.10

applecupsMatch1.2.11

applecupsMatch1.2.12

applecupsMatch1.3.0

applecupsMatch1.3.1

applecupsMatch1.3.2

applecupsMatch1.3.3

applecupsMatch1.3.4

applecupsMatch1.3.5

applecupsMatch1.3.6

applecupsMatch1.3.7

applecupsMatch1.3.8

applecupsMatch1.3.10

applecupsMatch1.3.11

References

lists.apple.com/archives/security-announce/2009/jun/msg00002.html

lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html

lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

poppler.freedesktop.org/releases.html

rhn.redhat.com/errata/RHSA-2009-0458.html

secunia.com/advisories/34291

secunia.com/advisories/34481

secunia.com/advisories/34746

secunia.com/advisories/34755

secunia.com/advisories/34756

secunia.com/advisories/34852

secunia.com/advisories/34959

secunia.com/advisories/34963

secunia.com/advisories/34991

secunia.com/advisories/35037

secunia.com/advisories/35064

secunia.com/advisories/35065

secunia.com/advisories/35379

secunia.com/advisories/35618

secunia.com/advisories/35685

slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477

support.apple.com/kb/HT3613

support.apple.com/kb/HT3639

www.debian.org/security/2009/dsa-1790

www.debian.org/security/2009/dsa-1793

www.kb.cert.org/vuls/id/196617

www.mandriva.com/security/advisories?name=MDVSA-2009:101

www.mandriva.com/security/advisories?name=MDVSA-2010:087

www.mandriva.com/security/advisories?name=MDVSA-2011:175

www.redhat.com/support/errata/RHSA-2009-0429.html

www.redhat.com/support/errata/RHSA-2009-0430.html

www.redhat.com/support/errata/RHSA-2009-0431.html

www.redhat.com/support/errata/RHSA-2009-0480.html

www.securityfocus.com/bid/34568

www.securitytracker.com/id?1022073

www.vupen.com/english/advisories/2009/1065

www.vupen.com/english/advisories/2009/1066

www.vupen.com/english/advisories/2009/1076

www.vupen.com/english/advisories/2009/1077

www.vupen.com/english/advisories/2009/1522

www.vupen.com/english/advisories/2009/1621

www.vupen.com/english/advisories/2010/1040

bugzilla.redhat.com/show_bug.cgi?id=495889

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892

www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.239 Low

EPSS

Percentile

96.6%

JSON

Related for NVD:CVE-2009-1179

debiancve2 veracode1 cve2 prion2 cvelist2 ubuntucve2 nvd1 openvas94 cert1 altlinux3 nessus51 fedora6 freebsd1 oraclelinux5 osv2 slackware1 debian4 redhat7 centos6 seebug1 suse1 ubuntu2 securityvulns2