[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98503

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2009-0800

Date: (C)2009-04-23   (M)2017-11-18 


Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

CVSS Score: 6.8Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
SECTRACK-1022073
SECUNIA-34291
SECUNIA-34481
BID-34568
SECUNIA-34746
SECUNIA-34755
SECUNIA-34756
SECUNIA-34852
SECUNIA-34959
SECUNIA-34963
SECUNIA-34991
SECUNIA-35037
SECUNIA-35064
SECUNIA-35065
SECUNIA-35618
SECUNIA-35685
ADV-2009-1065
ADV-2009-1066
ADV-2009-1076
ADV-2009-1077
ADV-2010-1040
DSA-1790
DSA-1793
FEDORA-2009-6972
FEDORA-2009-6973
FEDORA-2009-6982
MDVSA-2009:101
MDVSA-2010:087
MDVSA-2011:175
RHSA-2009:0429
RHSA-2009:0430
RHSA-2009:0431
RHSA-2009:0458
RHSA-2009:0480
SSA:2009-129-01
SUSE-SA:2009:024
SUSE-SR:2009:010
SUSE-SR:2009:012
VU#196617
http://poppler.freedesktop.org/releases.html
https://bugzilla.redhat.com/show_bug.cgi?id=495887

CPE    92
cpe:/a:foolabs:xpdf:0.7
cpe:/a:foolabs:xpdf:0.6
cpe:/a:foolabs:xpdf:0.5
cpe:/a:foolabs:xpdf:0.4
...
CWE    1
CWE-20
OVAL    54
oval:org.secpod.oval:def:202793
oval:org.secpod.oval:def:202792
oval:org.secpod.oval:def:200493
oval:org.secpod.oval:def:202798
...

© 2013 SecPod Technologies