Lucene search

PRIOn knowledge basePRION:CVE-2009-1188

HistoryApr 23, 2009 - 7:30 p.m.

Integer overflow

2009-04-2319:30:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.235 Low

EPSS

Percentile

96.4%

JSON

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

CPENameOperatorVersion
popplereq0.7.3
popplereq0.3.2
popplereq0.10.3
popplereq0.4.0
popplereq0.8.5
popplereq0.9.3
popplereq0.10.1
popplereq0.10.0
popplereq0.7.1
popplereq0.6.1

Name	Operator	Version
poppler	eq	0.7.3
poppler	eq	0.3.2
poppler	eq	0.10.3
poppler	eq	0.4.0
poppler	eq	0.8.5
poppler	eq	0.9.3
poppler	eq	0.10.1
poppler	eq	0.10.0
poppler	eq	0.7.1
poppler	eq	0.6.1

Rows per page:

1-10 of 481

References

bugs.gentoo.org/show_bug.cgi?id=263028

poppler.freedesktop.org/releases.html

secunia.com/advisories/34746

secunia.com/advisories/35064

secunia.com/advisories/35618

secunia.com/advisories/37028

secunia.com/advisories/37037

secunia.com/advisories/37043

secunia.com/advisories/37053

secunia.com/advisories/37077

secunia.com/advisories/37079

secunia.com/advisories/39327

secunia.com/advisories/39938

wiki.rpath.com/Advisories:rPSA-2009-0059

www.debian.org/security/2010/dsa-2028

www.debian.org/security/2010/dsa-2050

www.kb.cert.org/vuls/id/196617

www.mandriva.com/security/advisories?name=MDVSA-2010:087

www.mandriva.com/security/advisories?name=MDVSA-2011:175

www.redhat.com/support/errata/RHSA-2009-0480.html

www.securityfocus.com/archive/1/502761/100/0/threaded

www.securityfocus.com/bid/34568

www.vupen.com/english/advisories/2009/1076

www.vupen.com/english/advisories/2009/2928

www.vupen.com/english/advisories/2010/0802

www.vupen.com/english/advisories/2010/1040

www.vupen.com/english/advisories/2010/1220

bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875

bugzilla.redhat.com/show_bug.cgi?id=495907

bugzilla.redhat.com/show_bug.cgi?id=526915

exchange.xforce.ibmcloud.com/vulnerabilities/50185

lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html

lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html

lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957

rhn.redhat.com/errata/RHSA-2009-1501.html

rhn.redhat.com/errata/RHSA-2009-1502.html

rhn.redhat.com/errata/RHSA-2009-1503.html

rhn.redhat.com/errata/RHSA-2009-1512.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html

8.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.235 Low

EPSS

Percentile

96.4%

JSON

Related for PRION:CVE-2009-1188