First published: Tue Mar 17 2009(Updated: )
A security flaw was found in the JBIG2 decoder (possibility of freeing of uninitialized memory). An attacker could use this flaw to potentially cause a denial of service (application crash). Acknowledgements: Red Hat would like to thank Braden Thomas and Drew Yao of the Apple Product Security team for responsibly reporting this flaw.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xpdf | =0.91c | |
Xpdf | =0.91b | |
Xpdf | =0.93b | |
Xpdf | =1.00a | |
Xpdf | =0.91a | |
Xpdf | =0.92e | |
Xpdf | =0.5a | |
Xpdf | =0.92b | |
Xpdf | =0.93c | |
Xpdf | =0.92c | |
Xpdf | =0.7a | |
Xpdf | =0.93a | |
Xpdf | =0.92d | |
Xpdf | =0.92a | |
Glyph & Cog XpdfReader | =0.2 | |
Glyph & Cog XpdfReader | =0.3 | |
Glyph & Cog XpdfReader | =0.4 | |
Glyph & Cog XpdfReader | =0.5 | |
Glyph & Cog XpdfReader | =0.6 | |
Glyph & Cog XpdfReader | =0.80 | |
Glyph & Cog XpdfReader | =0.90 | |
Glyph & Cog XpdfReader | =1.00 | |
Glyph & Cog XpdfReader | =1.01 | |
Glyph & Cog XpdfReader | =2.00 | |
Glyph & Cog XpdfReader | =2.01 | |
Glyph & Cog XpdfReader | =2.03 | |
Glyph & Cog XpdfReader | =3.00 | |
Glyph & Cog XpdfReader | =3.01 | |
Glyph & Cog XpdfReader | =0.7 | |
Glyph & Cog XpdfReader | =0.91 | |
Glyph & Cog XpdfReader | =0.92 | |
Glyph & Cog XpdfReader | =0.93 | |
Glyph & Cog XpdfReader | =2.02 | |
Glyph & Cog XpdfReader | <=3.02 | |
Poppler Utilities | =0.7.3 | |
Poppler Utilities | =0.3.2 | |
Poppler Utilities | =0.10.3 | |
Poppler Utilities | =0.4.0 | |
Poppler Utilities | =0.8.5 | |
Poppler Utilities | =0.9.3 | |
Poppler Utilities | =0.10.1 | |
Poppler Utilities | =0.10.0 | |
Poppler Utilities | =0.7.1 | |
Poppler Utilities | =0.6.1 | |
Poppler Utilities | =0.3.1 | |
Poppler Utilities | =0.5.2 | |
Poppler Utilities | =0.5.91 | |
Poppler Utilities | =0.6.0 | |
Poppler Utilities | =0.3.3 | |
Poppler Utilities | =0.4.2 | |
Poppler Utilities | =0.10.4 | |
Poppler Utilities | =0.9.2 | |
Poppler Utilities | =0.6.4 | |
Poppler Utilities | =0.1.2 | |
Poppler Utilities | =0.8.0 | |
Poppler Utilities | =0.8.3 | |
Poppler Utilities | =0.7.0 | |
Poppler Utilities | =0.7.2 | |
Poppler Utilities | =0.5.0 | |
Poppler Utilities | =0.8.6 | |
Poppler Utilities | =0.5.9 | |
Poppler Utilities | =0.5.90 | |
Poppler Utilities | =0.6.3 | |
Poppler Utilities | =0.2.0 | |
Poppler Utilities | =0.8.4 | |
Poppler Utilities | =0.5.4 | |
Poppler Utilities | =0.1.1 | |
Poppler Utilities | =0.9.0 | |
Poppler Utilities | =0.4.1 | |
Poppler Utilities | =0.5.3 | |
Poppler Utilities | <=0.10.5 | |
Poppler Utilities | =0.4.4 | |
Poppler Utilities | =0.8.7 | |
Poppler Utilities | =0.9.1 | |
Poppler Utilities | =0.3.0 | |
Poppler Utilities | =0.1 | |
Poppler Utilities | =0.6.2 | |
Poppler Utilities | =0.10.2 | |
Poppler Utilities | =0.4.3 | |
Poppler Utilities | =0.8.1 | |
Poppler Utilities | =0.5.1 | |
Poppler Utilities | =0.8.2 | |
CUPS | =1.1.20 | |
CUPS | =1.1.5-2 | |
CUPS | =1.1.14 | |
CUPS | =1.1.6-1 | |
CUPS | =1.1.18 | |
CUPS | =1.1.12 | |
CUPS | =1.3.11 | |
CUPS | =1.1.5-1 | |
CUPS | =1.3.3 | |
CUPS | =1.1.22 | |
CUPS | =1.2.0 | |
CUPS | =1.1.16 | |
CUPS | =1.3.1 | |
CUPS | =1.1.23-rc1 | |
CUPS | =1.1.20-rc1 | |
CUPS | =1.1.15 | |
CUPS | =1.1.17 | |
CUPS | =1.1.20-rc6 | |
CUPS | =1.2.4 | |
CUPS | =1.1.19-rc1 | |
CUPS | =1.3.2 | |
CUPS | =1.1.22-rc1 | |
CUPS | =1.1.7 | |
CUPS | =1.1.6-2 | |
CUPS | =1.1.3 | |
CUPS | =1.2.3 | |
CUPS | =1.1.21 | |
CUPS | =1.2.9 | |
CUPS | =1.2.10 | |
CUPS | =1.1.4 | |
CUPS | =1.1.23 | |
CUPS | =1.2.6 | |
CUPS | =1.3.8 | |
CUPS | =1.1.20-rc4 | |
CUPS | =1.1.19 | |
CUPS | =1.1 | |
CUPS | =1.3.4 | |
CUPS | =1.1.8 | |
CUPS | =1.1.5 | |
CUPS | =1.2.1 | |
CUPS | =1.1.2 | |
CUPS | =1.3.10 | |
CUPS | =1.1.13 | |
CUPS | =1.1.19-rc4 | |
CUPS | =1.1.9-1 | |
CUPS | =1.2.12 | |
CUPS | =1.1.21-rc2 | |
CUPS | =1.2.7 | |
CUPS | =1.1.6-3 | |
CUPS | =1.1.20-rc5 | |
CUPS | =1.1.9 | |
CUPS | =1.3.7 | |
CUPS | =1.1.19-rc5 | |
CUPS | <=1.3.9 | |
CUPS | =1.1.1 | |
CUPS | =1.2.8 | |
CUPS | =1.2.2 | |
CUPS | =1.1.10 | |
CUPS | =1.2.11 | |
CUPS | =1.1.22-rc2 | |
CUPS | =1.1.21-rc1 | |
CUPS | =1.1.11 | |
CUPS | =1.1.19-rc3 | |
CUPS | =1.1.6 | |
CUPS | =1.1.10-1 | |
CUPS | =1.3.0 | |
CUPS | =1.3.5 | |
CUPS | =1.3.6 | |
CUPS | =1.1.20-rc2 | |
CUPS | =1.1.20-rc3 | |
CUPS | =1.2.5 | |
CUPS | =1.1.19-rc2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2009-0166 has a medium severity rating due to the potential for denial of service caused by the JBIG2 decoder flaw.
To fix CVE-2009-0166, users should update to the latest patched version of affected software that addresses this vulnerability.
CVE-2009-0166 affects various versions of Xpdf, Glyph & Cog XpdfReader, and Poppler prior to version 0.10.5.
Yes, CVE-2009-0166 can potentially cause application crashes due to the freeing of uninitialized memory in the JBIG2 decoder.
CVE-2009-0166 is not limited to a specific operating system but affects multiple implementations of the decoding libraries across different platforms.