Lucene search

K
ubuntucveUbuntu.comUB:CVE-2009-0195
HistoryApr 23, 2009 - 12:00 a.m.

CVE-2009-0195

2009-04-2300:00:00
ubuntu.com
ubuntu.com
16

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.428

Percentile

97.4%

Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and
probably other products, allows remote attackers to execute arbitrary code
via a PDF file with crafted JBIG2 symbol dictionary segments.

Notes

Author Note
mdeslaur Probably the same issue as CVE-2009-0146 fixed by usn-759-1 even though the CVE is not listed in it
sbeattie ipe uses system pdflatex
ccdm94 poppler 0.67.0 and forward uses xpdf 3.03+.
OSVersionArchitecturePackageVersionFilename
ubuntu9.04noarchkoffice< 1:1.6.3-7ubuntu6.1UNKNOWN
ubuntu17.10noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu18.04noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu18.10noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu6.06noarchpoppler< 0.5.1-0ubuntu7.5UNKNOWN
ubuntu19.04noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu19.10noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu20.04noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu20.10noarchpoppler< 0.10.5-1ubuntu2UNKNOWN
ubuntu8.04noarchpoppler< 0.6.4-1ubuntu3.2UNKNOWN
Rows per page:
1-10 of 351

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.428

Percentile

97.4%