Lucene search

K
ubuntucveUbuntu.comUB:CVE-2009-0146
HistoryApr 23, 2009 - 12:00 a.m.

CVE-2009-0146

2009-04-2300:00:00
ubuntu.com
ubuntu.com
14

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.028

Percentile

90.6%

Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,
CUPS 1.3.9 and earlier, and other products allow remote attackers to cause
a denial of service (crash) via a crafted PDF file, related to (1)
JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.

Notes

Author Note
jdstrand CUPS on Ubuntu uses system pdftops (compiled with --disable-pdftops)
sbeattie ipe uses pdflatex from tetex-bin
OSVersionArchitecturePackageVersionFilename
ubuntu9.04noarchkoffice< 1:1.6.3-7ubuntu6.1UNKNOWN
ubuntu6.06noarchpoppler< 0.5.1-0ubuntu7.5UNKNOWN
ubuntu8.04noarchpoppler< 0.6.4-1ubuntu3.2UNKNOWN
ubuntu8.10noarchpoppler< 0.8.7-1ubuntu0.2UNKNOWN
ubuntu9.04noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu9.10noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu10.04noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu10.10noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu11.04noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu11.10noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
Rows per page:
1-10 of 211

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.028

Percentile

90.6%