What is the severity of CVE-2009-0147?

CVE-2009-0147 has a severity rating that could lead to denial of service due to application crashes.

How do I fix CVE-2009-0147?

To fix CVE-2009-0147, update your Xpdf or Glyph & Cog XpdfReader to the latest version that addresses this vulnerability.

What versions of Xpdf are affected by CVE-2009-0147?

Xpdf versions 0.5a, 0.7a, 0.91a, 0.91b, 0.91c, 0.92a, 0.92b, 0.92c, 0.92d, 0.92e, 0.93a, 0.93b, 0.93c, and 1.00a are affected by CVE-2009-0147.

Can CVE-2009-0147 be exploited remotely?

Yes, CVE-2009-0147 can be exploited remotely via specially-crafted PDF files.

What is the impact of CVE-2009-0147 on users?

The impact of CVE-2009-0147 on users includes potential crashes of applications using the vulnerable Xpdf components when processing malicious PDF files.

Vulnerability/
CVE-2009-0147

medium

4.3

CWE

190 189

17/3/2009

23/4/2009

11/5/2023

CVE-2009-0147: Integer Overflow

First published: Tue Mar 17 2009(Updated: )

Multiple integer overflows and one integer signedness error were found in the JBIG2 decoder. An attacker could use these flaws to cause a denial of service (application crash) via specially-crafted PDF file. Acknowledgements: Red Hat would like to thank Braden Thomas and Drew Yao of the Apple Product Security team for responsibly reporting these flaws.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Xpdf	=0.5a
Xpdf	=0.7a
Xpdf	=0.91a
Xpdf	=0.91b
Xpdf	=0.91c
Xpdf	=0.92a
Xpdf	=0.92b
Xpdf	=0.92c
Xpdf	=0.92d
Xpdf	=0.92e
Xpdf	=0.93a
Xpdf	=0.93b
Xpdf	=0.93c
Xpdf	=1.00a
Glyph & Cog XpdfReader	<=3.02
Glyph & Cog XpdfReader	=0.2
Glyph & Cog XpdfReader	=0.3
Glyph & Cog XpdfReader	=0.4
Glyph & Cog XpdfReader	=0.5
Glyph & Cog XpdfReader	=0.6
Glyph & Cog XpdfReader	=0.7
Glyph & Cog XpdfReader	=0.80
Glyph & Cog XpdfReader	=0.90
Glyph & Cog XpdfReader	=0.91
Glyph & Cog XpdfReader	=0.92
Glyph & Cog XpdfReader	=0.93
Glyph & Cog XpdfReader	=1.00
Glyph & Cog XpdfReader	=1.01
Glyph & Cog XpdfReader	=2.00
Glyph & Cog XpdfReader	=2.01
Glyph & Cog XpdfReader	=2.02
Glyph & Cog XpdfReader	=2.03
Glyph & Cog XpdfReader	=3.00
Glyph & Cog XpdfReader	=3.01
CUPS	<=1.3.9
CUPS	=1.1
CUPS	=1.1.1
CUPS	=1.1.2
CUPS	=1.1.3
CUPS	=1.1.4
CUPS	=1.1.5
CUPS	=1.1.5-1
CUPS	=1.1.5-2
CUPS	=1.1.6
CUPS	=1.1.6-1
CUPS	=1.1.6-2
CUPS	=1.1.6-3
CUPS	=1.1.7
CUPS	=1.1.8
CUPS	=1.1.9
CUPS	=1.1.9-1
CUPS	=1.1.10
CUPS	=1.1.10-1
CUPS	=1.1.11
CUPS	=1.1.12
CUPS	=1.1.13
CUPS	=1.1.14
CUPS	=1.1.15
CUPS	=1.1.16
CUPS	=1.1.17
CUPS	=1.1.18
CUPS	=1.1.19
CUPS	=1.1.19-rc1
CUPS	=1.1.19-rc2
CUPS	=1.1.19-rc3
CUPS	=1.1.19-rc4
CUPS	=1.1.19-rc5
CUPS	=1.1.20
CUPS	=1.1.20-rc1
CUPS	=1.1.20-rc2
CUPS	=1.1.20-rc3
CUPS	=1.1.20-rc4
CUPS	=1.1.20-rc5
CUPS	=1.1.20-rc6
CUPS	=1.1.21
CUPS	=1.1.21-rc1
CUPS	=1.1.21-rc2
CUPS	=1.1.22
CUPS	=1.1.22-rc1
CUPS	=1.1.22-rc2
CUPS	=1.1.23
CUPS	=1.1.23-rc1
CUPS	=1.2.0
CUPS	=1.2.1
CUPS	=1.2.2
CUPS	=1.2.3
CUPS	=1.2.4
CUPS	=1.2.5
CUPS	=1.2.6
CUPS	=1.2.7
CUPS	=1.2.8
CUPS	=1.2.9
CUPS	=1.2.10
CUPS	=1.2.11
CUPS	=1.2.12
CUPS	=1.3.0
CUPS	=1.3.1
CUPS	=1.3.2
CUPS	=1.3.3
CUPS	=1.3.4
CUPS	=1.3.5
CUPS	=1.3.6
CUPS	=1.3.7
CUPS	=1.3.8
CUPS	=1.3.10
CUPS	=1.3.11

Remedy

http://www.redhat.com/support/errata/RHSA-2009-0430.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-0147?
CVE-2009-0147 has a severity rating that could lead to denial of service due to application crashes.
How do I fix CVE-2009-0147?
To fix CVE-2009-0147, update your Xpdf or Glyph & Cog XpdfReader to the latest version that addresses this vulnerability.
What versions of Xpdf are affected by CVE-2009-0147?
Xpdf versions 0.5a, 0.7a, 0.91a, 0.91b, 0.91c, 0.92a, 0.92b, 0.92c, 0.92d, 0.92e, 0.93a, 0.93b, 0.93c, and 1.00a are affected by CVE-2009-0147.
Can CVE-2009-0147 be exploited remotely?
Yes, CVE-2009-0147 can be exploited remotely via specially-crafted PDF files.
What is the impact of CVE-2009-0147 on users?
The impact of CVE-2009-0147 on users includes potential crashes of applications using the vulnerable Xpdf components when processing malicious PDF files.

collector/redhat-bugzilla
alias/CVE-2009-0147
agent/type
agent/first-publish-date
agent/last-modified-date
agent/remedy
agent/severity
agent/weakness
agent/references
agent/author
agent/description
agent/event
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/foolabs
canonical/xpdf
version/xpdf/0.5a
version/xpdf/0.7a
version/xpdf/0.91a
version/xpdf/0.91b
version/xpdf/0.91c
version/xpdf/0.92a
version/xpdf/0.92b
version/xpdf/0.92c
version/xpdf/0.92d
version/xpdf/0.92e
version/xpdf/0.93a
version/xpdf/0.93b
version/xpdf/0.93c
version/xpdf/1.00a
vendor/glyphandcog
canonical/glyph & cog xpdfreader
version/glyph & cog xpdfreader/3.02
version/glyph & cog xpdfreader/0.2
version/glyph & cog xpdfreader/0.3
version/glyph & cog xpdfreader/0.4
version/glyph & cog xpdfreader/0.5
version/glyph & cog xpdfreader/0.6
version/glyph & cog xpdfreader/0.7
version/glyph & cog xpdfreader/0.80
version/glyph & cog xpdfreader/0.90
version/glyph & cog xpdfreader/0.91
version/glyph & cog xpdfreader/0.92
version/glyph & cog xpdfreader/0.93
version/glyph & cog xpdfreader/1.00
version/glyph & cog xpdfreader/1.01
version/glyph & cog xpdfreader/2.00
version/glyph & cog xpdfreader/2.01
version/glyph & cog xpdfreader/2.02
version/glyph & cog xpdfreader/2.03
version/glyph & cog xpdfreader/3.00
version/glyph & cog xpdfreader/3.01
vendor/apple
canonical/cups
version/cups/1.3.9
version/cups/1.1
version/cups/1.1.1
version/cups/1.1.2
version/cups/1.1.3
version/cups/1.1.4
version/cups/1.1.5
version/cups/1.1.5-1
version/cups/1.1.5-2
version/cups/1.1.6
version/cups/1.1.6-1
version/cups/1.1.6-2
version/cups/1.1.6-3
version/cups/1.1.7
version/cups/1.1.8
version/cups/1.1.9
version/cups/1.1.9-1
version/cups/1.1.10
version/cups/1.1.10-1
version/cups/1.1.11
version/cups/1.1.12
version/cups/1.1.13
version/cups/1.1.14
version/cups/1.1.15
version/cups/1.1.16
version/cups/1.1.17
version/cups/1.1.18
version/cups/1.1.19
version/cups/1.1.19-rc1
version/cups/1.1.19-rc2
version/cups/1.1.19-rc3
version/cups/1.1.19-rc4
version/cups/1.1.19-rc5
version/cups/1.1.20
version/cups/1.1.20-rc1
version/cups/1.1.20-rc2
version/cups/1.1.20-rc3
version/cups/1.1.20-rc4
version/cups/1.1.20-rc5
version/cups/1.1.20-rc6
version/cups/1.1.21
version/cups/1.1.21-rc1
version/cups/1.1.21-rc2
version/cups/1.1.22
version/cups/1.1.22-rc1
version/cups/1.1.22-rc2
version/cups/1.1.23
version/cups/1.1.23-rc1
version/cups/1.2.0
version/cups/1.2.1
version/cups/1.2.2
version/cups/1.2.3
version/cups/1.2.4
version/cups/1.2.5
version/cups/1.2.6
version/cups/1.2.7
version/cups/1.2.8
version/cups/1.2.9
version/cups/1.2.10
version/cups/1.2.11
version/cups/1.2.12
version/cups/1.3.0
version/cups/1.3.1
version/cups/1.3.2
version/cups/1.3.3
version/cups/1.3.4
version/cups/1.3.5
version/cups/1.3.6
version/cups/1.3.7
version/cups/1.3.8
version/cups/1.3.10
version/cups/1.3.11