Lucene search
Ubuntu.comUB:CVE-2009-1188HistoryApr 23, 2009 - 12:00 a.m.
CVE-2009-1188
2009-04-2300:00:00
ubuntu.com
ubuntu.com
12
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.235 Low
EPSS
Percentile
96.6%
Integer overflow in the JBIG2 decoding feature in the
SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before
3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF,
allows remote attackers to execute arbitrary code or cause a denial of
service (application crash) via a crafted PDF document.
Notes
| Author | Note |
|---|---|
| jdstrand | CUPS on Ubuntu uses system pdftops (compiled with --disable-pdftops) |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 17.10 | noarch | poppler | <Β 0.10.5-1ubuntu2 | UNKNOWN |
| ubuntu | 18.04 | noarch | poppler | <Β 0.10.5-1ubuntu2 | UNKNOWN |
| ubuntu | 18.10 | noarch | poppler | <Β 0.10.5-1ubuntu2 | UNKNOWN |
| ubuntu | 6.06 | noarch | poppler | <Β 0.5.1-0ubuntu7.5 | UNKNOWN |
| ubuntu | 19.04 | noarch | poppler | <Β 0.10.5-1ubuntu2 | UNKNOWN |
| ubuntu | 19.10 | noarch | poppler | <Β 0.10.5-1ubuntu2 | UNKNOWN |
| ubuntu | 20.04 | noarch | poppler | <Β 0.10.5-1ubuntu2 | UNKNOWN |
| ubuntu | 20.10 | noarch | poppler | <Β 0.10.5-1ubuntu2 | UNKNOWN |
| ubuntu | 8.04 | noarch | poppler | <Β 0.6.4-1ubuntu3.2 | UNKNOWN |
| ubuntu | 21.04 | noarch | poppler | <Β 0.10.5-1ubuntu2 | UNKNOWN |
Related
cve
cve
CVE-2009-1188
2009-04-23 19:30:00
CVE-2009-3603
2009-10-21 17:30:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:32:09
cvelist
cvelist
CVE-2009-1188
2009-04-23 19:11:00
CVE-2009-3603
2009-10-21 17:00:00
prion
prion
Integer overflow
2009-04-23 19:30:00
Integer overflow
2009-10-21 17:30:00
debiancve
debiancve
CVE-2009-1188
2009-04-23 19:30:00
CVE-2009-3603
2009-10-21 17:30:00
nvd
nvd
CVE-2009-1188
2009-04-23 19:30:00
CVE-2009-3603
2009-10-21 17:30:00
ubuntucve
ubuntucve
CVE-2009-3603
2009-10-21 00:00:00
oraclelinux
oraclelinux
kdegraphics security update
2009-10-15 00:00:00
gpdf security update
2009-10-15 00:00:00
xpdf security update
2009-10-15 00:00:00
nessus
nessus
Oracle Linux 4 : gpdf (ELSA-2009-1503)
2013-07-12 00:00:00
RHEL 4 : kdegraphics (RHSA-2009:1512)
2009-10-16 00:00:00
CentOS 4 : gpdf (CESA-2009:1503)
2010-01-06 00:00:00
centos
centos
kdegraphics security update
2009-10-16 13:29:57
gpdf security update
2009-10-16 13:29:50
xpdf security update
2009-10-16 13:29:40
openvas
openvas
RedHat Security Advisory RHSA-2009:1503
2009-10-19 00:00:00
CentOS Security Advisory CESA-2009:1512 (kdegraphics)
2009-10-19 00:00:00
RedHat Security Advisory RHSA-2009:1503
2009-10-19 00:00:00
redhat
redhat
(RHSA-2009:1503) Important: gpdf security update
2009-10-15 00:00:00
(RHSA-2009:1512) Important: kdegraphics security update
2009-10-15 00:00:00
(RHSA-2009:1501) Important: xpdf security update
2009-10-15 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: pdfedit-0.4.3-4.fc12
2010-02-20 00:25:46
[SECURITY] Fedora 11 Update: pdfedit-0.4.3-4.fc11
2010-02-20 00:24:10
[SECURITY] Fedora 13 Update: pdfedit-0.4.3-4.fc13
2010-02-20 00:11:55
osv
osv
xpdf - several vulnerabilities
2010-04-05 00:00:00
kdegraphics - several vulnerabilities
2010-05-24 00:00:00
debian
debian
[SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities
2010-04-05 15:23:30
[SECURITY] [DSA 2050-1] New kdegraphics packages fix several vulnerabilities
2010-05-24 15:38:34
altlinux
altlinux
Security fix for the ALT Linux 5 package poppler5 version 0.10.6-alt1
2009-04-20 00:00:00
Security fix for the ALT Linux 5 package xpdf version 3.02-alt5
2009-04-22 00:00:00
cert
cert
ubuntu
ubuntu
poppler vulnerabilities
2009-04-16 00:00:00
seebug
seebug
Xpdf JBIG2ε€ηε€δΈͺηΌε²εΊζΊ’εΊεζη»ζε‘ζΌζ΄
2009-04-18 00:00:00
securityvulns
securityvulns
poppler library multiple security vulnerabilities
2009-04-18 00:00:00
gentoo
gentoo
Poppler: Multiple vulnerabilities
2013-10-06 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.235 Low
EPSS
Percentile
96.6%
Related for UB:CVE-2009-1188