[Forgot Password]
Login  Register Subscribe

23631

 
 

126173

 
 

98218

 
 

909

 
 

79224

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2009-1182

Date: (C)2009-04-23   (M)2017-11-18 


Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

CVSS Score: 7.5Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
SECTRACK-1022073
SECUNIA-34291
SECUNIA-34481
BID-34568
SECUNIA-34746
SECUNIA-34755
SECUNIA-34756
SECUNIA-34852
SECUNIA-34959
SECUNIA-34963
SECUNIA-34991
SECUNIA-35037
SECUNIA-35064
SECUNIA-35065
SECUNIA-35618
SECUNIA-35685
ADV-2009-1065
ADV-2009-1066
ADV-2009-1076
ADV-2009-1077
ADV-2010-1040
DSA-1790
DSA-1793
FEDORA-2009-6972
FEDORA-2009-6973
FEDORA-2009-6982
MDVSA-2009:101
MDVSA-2010:087
MDVSA-2011:175
RHSA-2009:0429
RHSA-2009:0430
RHSA-2009:0431
RHSA-2009:0458
RHSA-2009:0480
SSA:2009-129-01
SUSE-SA:2009:024
SUSE-SR:2009:010
SUSE-SR:2009:012
VU#196617
http://poppler.freedesktop.org/releases.html
https://bugzilla.redhat.com/show_bug.cgi?id=495896

CPE    92
cpe:/a:foolabs:xpdf:0.7
cpe:/a:foolabs:xpdf:0.6
cpe:/a:foolabs:xpdf:0.5
cpe:/a:foolabs:xpdf:0.4
...
CWE    1
CWE-119
OVAL    53
oval:org.secpod.oval:def:200493
oval:org.secpod.oval:def:500569
oval:org.secpod.oval:def:300796
oval:org.secpod.oval:def:300799
...

© 2013 SecPod Technologies