Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 01:00
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html - | |
References | () http://poppler.freedesktop.org/releases.html - | |
References | () http://rhn.redhat.com/errata/RHSA-2009-0458.html - | |
References | () http://secunia.com/advisories/34291 - Vendor Advisory | |
References | () http://secunia.com/advisories/34481 - Vendor Advisory | |
References | () http://secunia.com/advisories/34746 - Vendor Advisory | |
References | () http://secunia.com/advisories/34755 - Vendor Advisory | |
References | () http://secunia.com/advisories/34756 - Vendor Advisory | |
References | () http://secunia.com/advisories/34852 - Vendor Advisory | |
References | () http://secunia.com/advisories/34959 - Vendor Advisory | |
References | () http://secunia.com/advisories/34963 - Vendor Advisory | |
References | () http://secunia.com/advisories/34991 - Vendor Advisory | |
References | () http://secunia.com/advisories/35037 - Vendor Advisory | |
References | () http://secunia.com/advisories/35064 - Vendor Advisory | |
References | () http://secunia.com/advisories/35065 - Vendor Advisory | |
References | () http://secunia.com/advisories/35618 - Vendor Advisory | |
References | () http://secunia.com/advisories/35685 - | |
References | () http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 - | |
References | () http://www.debian.org/security/2009/dsa-1790 - | |
References | () http://www.debian.org/security/2009/dsa-1793 - | |
References | () http://www.kb.cert.org/vuls/id/196617 - US Government Resource | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 - | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 - | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 - | |
References | () http://www.redhat.com/support/errata/RHSA-2009-0429.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2009-0430.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2009-0431.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2009-0480.html - | |
References | () http://www.securityfocus.com/bid/34568 - | |
References | () http://www.securitytracker.com/id?1022073 - | |
References | () http://www.vupen.com/english/advisories/2009/1065 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2009/1066 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2009/1076 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2009/1077 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2010/1040 - Vendor Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=495887 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323 - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html - |
Information
Published : 2009-04-23 17:30
Updated : 2024-11-21 01:00
NVD link : CVE-2009-0800
Mitre link : CVE-2009-0800
CVE.ORG link : CVE-2009-0800
JSON object : View
Products Affected
foolabs
- xpdf
glyphandcog
- xpdfreader
apple
- cups
poppler
- poppler
CWE
CWE-20
Improper Input Validation