CVE-2009-0800: Input Validation
First published: Wed Apr 15 2009(Updated: )
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Foolabs Xpdf | =0.91c | |
| Foolabs Xpdf | =0.91b | |
| Foolabs Xpdf | =0.93b | |
| Foolabs Xpdf | =1.00a | |
| Foolabs Xpdf | =0.91a | |
| Foolabs Xpdf | =0.92e | |
| Foolabs Xpdf | =0.5a | |
| Foolabs Xpdf | =0.92b | |
| Foolabs Xpdf | =0.93c | |
| Foolabs Xpdf | =0.92c | |
| Foolabs Xpdf | =0.7a | |
| Foolabs Xpdf | =0.93a | |
| Foolabs Xpdf | =0.92d | |
| Foolabs Xpdf | =0.92a | |
| Glyphandcog Xpdfreader | =0.2 | |
| Glyphandcog Xpdfreader | =0.3 | |
| Glyphandcog Xpdfreader | =0.4 | |
| Glyphandcog Xpdfreader | =0.5 | |
| Glyphandcog Xpdfreader | =0.6 | |
| Glyphandcog Xpdfreader | =0.80 | |
| Glyphandcog Xpdfreader | =0.90 | |
| Glyphandcog Xpdfreader | =1.00 | |
| Glyphandcog Xpdfreader | =1.01 | |
| Glyphandcog Xpdfreader | =2.00 | |
| Glyphandcog Xpdfreader | =2.01 | |
| Glyphandcog Xpdfreader | =2.03 | |
| Glyphandcog Xpdfreader | =3.00 | |
| Glyphandcog Xpdfreader | =3.01 | |
| Glyphandcog Xpdfreader | =0.7 | |
| Glyphandcog Xpdfreader | =0.91 | |
| Glyphandcog Xpdfreader | =0.92 | |
| Glyphandcog Xpdfreader | =0.93 | |
| Glyphandcog Xpdfreader | =2.02 | |
| Glyphandcog Xpdfreader | <=3.02 | |
| Poppler Poppler | =0.7.3 | |
| Poppler Poppler | =0.3.2 | |
| Poppler Poppler | =0.10.3 | |
| Poppler Poppler | =0.4.0 | |
| Poppler Poppler | =0.8.5 | |
| Poppler Poppler | =0.9.3 | |
| Poppler Poppler | =0.10.1 | |
| Poppler Poppler | =0.10.0 | |
| Poppler Poppler | =0.7.1 | |
| Poppler Poppler | =0.6.1 | |
| Poppler Poppler | =0.3.1 | |
| Poppler Poppler | =0.5.2 | |
| Poppler Poppler | =0.5.91 | |
| Poppler Poppler | =0.6.0 | |
| Poppler Poppler | =0.3.3 | |
| Poppler Poppler | =0.4.2 | |
| Poppler Poppler | =0.10.4 | |
| Poppler Poppler | =0.9.2 | |
| Poppler Poppler | =0.6.4 | |
| Poppler Poppler | =0.1.2 | |
| Poppler Poppler | =0.8.0 | |
| Poppler Poppler | =0.8.3 | |
| Poppler Poppler | =0.7.0 | |
| Poppler Poppler | =0.7.2 | |
| Poppler Poppler | =0.5.0 | |
| Poppler Poppler | =0.8.6 | |
| Poppler Poppler | =0.5.9 | |
| Poppler Poppler | =0.5.90 | |
| Poppler Poppler | =0.6.3 | |
| Poppler Poppler | =0.2.0 | |
| Poppler Poppler | =0.8.4 | |
| Poppler Poppler | =0.5.4 | |
| Poppler Poppler | =0.1.1 | |
| Poppler Poppler | =0.9.0 | |
| Poppler Poppler | =0.4.1 | |
| Poppler Poppler | =0.5.3 | |
| Poppler Poppler | <=0.10.5 | |
| Poppler Poppler | =0.4.4 | |
| Poppler Poppler | =0.8.7 | |
| Poppler Poppler | =0.9.1 | |
| Poppler Poppler | =0.3.0 | |
| Poppler Poppler | =0.1 | |
| Poppler Poppler | =0.6.2 | |
| Poppler Poppler | =0.10.2 | |
| Poppler Poppler | =0.4.3 | |
| Poppler Poppler | =0.8.1 | |
| Poppler Poppler | =0.5.1 | |
| Poppler Poppler | =0.8.2 | |
| Apple Cups | =1.1.20 | |
| Apple Cups | =1.1.5-2 | |
| Apple Cups | =1.1.14 | |
| Apple Cups | =1.1.6-1 | |
| Apple Cups | =1.1.18 | |
| Apple Cups | =1.1.12 | |
| Apple Cups | =1.3.11 | |
| Apple Cups | =1.1.5-1 | |
| Apple Cups | =1.3.3 | |
| Apple Cups | =1.1.22 | |
| Apple Cups | =1.2.0 | |
| Apple Cups | =1.1.16 | |
| Apple Cups | =1.3.1 | |
| Apple Cups | =1.1.23-rc1 | |
| Apple Cups | =1.1.20-rc1 | |
| Apple Cups | =1.1.15 | |
| Apple Cups | =1.1.17 | |
| Apple Cups | =1.1.20-rc6 | |
| Apple Cups | =1.2.4 | |
| Apple Cups | =1.1.19-rc1 | |
| Apple Cups | =1.3.2 | |
| Apple Cups | =1.1.22-rc1 | |
| Apple Cups | =1.1.7 | |
| Apple Cups | =1.1.6-2 | |
| Apple Cups | =1.1.3 | |
| Apple Cups | =1.2.3 | |
| Apple Cups | =1.1.21 | |
| Apple Cups | =1.2.9 | |
| Apple Cups | =1.2.10 | |
| Apple Cups | =1.1.4 | |
| Apple Cups | =1.1.23 | |
| Apple Cups | =1.2.6 | |
| Apple Cups | =1.3.8 | |
| Apple Cups | =1.1.20-rc4 | |
| Apple Cups | =1.1.19 | |
| Apple Cups | =1.1 | |
| Apple Cups | =1.3.4 | |
| Apple Cups | =1.1.8 | |
| Apple Cups | =1.1.5 | |
| Apple Cups | =1.2.1 | |
| Apple Cups | =1.1.2 | |
| Apple Cups | =1.3.10 | |
| Apple Cups | =1.1.13 | |
| Apple Cups | =1.1.19-rc4 | |
| Apple Cups | =1.1.9-1 | |
| Apple Cups | =1.2.12 | |
| Apple Cups | =1.1.21-rc2 | |
| Apple Cups | =1.2.7 | |
| Apple Cups | =1.1.6-3 | |
| Apple Cups | =1.1.20-rc5 | |
| Apple Cups | =1.1.9 | |
| Apple Cups | =1.3.7 | |
| Apple Cups | =1.1.19-rc5 | |
| Apple Cups | <=1.3.9 | |
| Apple Cups | =1.1.1 | |
| Apple Cups | =1.2.8 | |
| Apple Cups | =1.2.2 | |
| Apple Cups | =1.1.10 | |
| Apple Cups | =1.2.11 | |
| Apple Cups | =1.1.22-rc2 | |
| Apple Cups | =1.1.21-rc1 | |
| Apple Cups | =1.1.11 | |
| Apple Cups | =1.1.19-rc3 | |
| Apple Cups | =1.1.6 | |
| Apple Cups | =1.1.10-1 | |
| Apple Cups | =1.3.0 | |
| Apple Cups | =1.3.5 | |
| Apple Cups | =1.3.6 | |
| Apple Cups | =1.1.20-rc2 | |
| Apple Cups | =1.1.20-rc3 | |
| Apple Cups | =1.2.5 | |
| Apple Cups | =1.1.19-rc2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=495887
- http://secunia.com/advisories/34755
- http://www.redhat.com/support/errata/RHSA-2009-0430.html
- http://www.vupen.com/english/advisories/2009/1076
- http://secunia.com/advisories/34746
- http://www.securityfocus.com/bid/34568
- http://www.securitytracker.com/id?1022073
- http://poppler.freedesktop.org/releases.html
- http://www.vupen.com/english/advisories/2009/1077
- http://secunia.com/advisories/34481
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
- http://www.vupen.com/english/advisories/2009/1065
- http://secunia.com/advisories/34291
- http://secunia.com/advisories/34852
- http://www.vupen.com/english/advisories/2009/1066
- http://www.redhat.com/support/errata/RHSA-2009-0429.html
- http://www.redhat.com/support/errata/RHSA-2009-0431.html
- http://secunia.com/advisories/34756
- http://www.kb.cert.org/vuls/id/196617
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
- http://www.debian.org/security/2009/dsa-1790
- http://secunia.com/advisories/34959
- http://secunia.com/advisories/34963
- http://rhn.redhat.com/errata/RHSA-2009-0458.html
- http://secunia.com/advisories/35037
- http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
- http://secunia.com/advisories/35065
- http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
- http://www.redhat.com/support/errata/RHSA-2009-0480.html
- http://www.debian.org/security/2009/dsa-1793
- http://secunia.com/advisories/34991
- http://secunia.com/advisories/35064
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
- http://secunia.com/advisories/35618
- https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
- https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
- https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
- http://secunia.com/advisories/35685
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
- http://www.vupen.com/english/advisories/2010/1040
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323
- http://admin.fedoraproject.org/updates/xpdf-3.02-13.fc9
- http://admin.fedoraproject.org/updates/xpdf-3.02-13.fc10
- https://rhn.redhat.com/errata/RHSA-2009-0430.html
- https://rhn.redhat.com/errata/RHSA-2009-0431.html
- https://rhn.redhat.com/errata/RHSA-2009-0429.html
- https://rhn.redhat.com/errata/RHSA-2009-0458.html
- https://rhn.redhat.com/errata/RHSA-2009-0480.html
- https://rhn.redhat.com/errata/RHSA-2010-0399.html
- https://rhn.redhat.com/errata/RHSA-2010-0400.html
- collector/redhat-bugzilla
- alias/CVE-2009-0800
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- vendor/foolabs
- canonical/foolabs xpdf
- version/foolabs xpdf/0.91c
- version/foolabs xpdf/0.91b
- version/foolabs xpdf/0.93b
- version/foolabs xpdf/1.00a
- version/foolabs xpdf/0.91a
- version/foolabs xpdf/0.92e
- version/foolabs xpdf/0.5a
- version/foolabs xpdf/0.92b
- version/foolabs xpdf/0.93c
- version/foolabs xpdf/0.92c
- version/foolabs xpdf/0.7a
- version/foolabs xpdf/0.93a
- version/foolabs xpdf/0.92d
- version/foolabs xpdf/0.92a
- vendor/glyphandcog
- canonical/glyphandcog xpdfreader
- version/glyphandcog xpdfreader/0.2
- version/glyphandcog xpdfreader/0.3
- version/glyphandcog xpdfreader/0.4
- version/glyphandcog xpdfreader/0.5
- version/glyphandcog xpdfreader/0.6
- version/glyphandcog xpdfreader/0.80
- version/glyphandcog xpdfreader/0.90
- version/glyphandcog xpdfreader/1.00
- version/glyphandcog xpdfreader/1.01
- version/glyphandcog xpdfreader/2.00
- version/glyphandcog xpdfreader/2.01
- version/glyphandcog xpdfreader/2.03
- version/glyphandcog xpdfreader/3.00
- version/glyphandcog xpdfreader/3.01
- version/glyphandcog xpdfreader/0.7
- version/glyphandcog xpdfreader/0.91
- version/glyphandcog xpdfreader/0.92
- version/glyphandcog xpdfreader/0.93
- version/glyphandcog xpdfreader/2.02
- version/glyphandcog xpdfreader/3.02
- vendor/poppler
- canonical/poppler poppler
- version/poppler poppler/0.7.3
- version/poppler poppler/0.3.2
- version/poppler poppler/0.10.3
- version/poppler poppler/0.4.0
- version/poppler poppler/0.8.5
- version/poppler poppler/0.9.3
- version/poppler poppler/0.10.1
- version/poppler poppler/0.10.0
- version/poppler poppler/0.7.1
- version/poppler poppler/0.6.1
- version/poppler poppler/0.3.1
- version/poppler poppler/0.5.2
- version/poppler poppler/0.5.91
- version/poppler poppler/0.6.0
- version/poppler poppler/0.3.3
- version/poppler poppler/0.4.2
- version/poppler poppler/0.10.4
- version/poppler poppler/0.9.2
- version/poppler poppler/0.6.4
- version/poppler poppler/0.1.2
- version/poppler poppler/0.8.0
- version/poppler poppler/0.8.3
- version/poppler poppler/0.7.0
- version/poppler poppler/0.7.2
- version/poppler poppler/0.5.0
- version/poppler poppler/0.8.6
- version/poppler poppler/0.5.9
- version/poppler poppler/0.5.90
- version/poppler poppler/0.6.3
- version/poppler poppler/0.2.0
- version/poppler poppler/0.8.4
- version/poppler poppler/0.5.4
- version/poppler poppler/0.1.1
- version/poppler poppler/0.9.0
- version/poppler poppler/0.4.1
- version/poppler poppler/0.5.3
- version/poppler poppler/0.10.5
- version/poppler poppler/0.4.4
- version/poppler poppler/0.8.7
- version/poppler poppler/0.9.1
- version/poppler poppler/0.3.0
- version/poppler poppler/0.1
- version/poppler poppler/0.6.2
- version/poppler poppler/0.10.2
- version/poppler poppler/0.4.3
- version/poppler poppler/0.8.1
- version/poppler poppler/0.5.1
- version/poppler poppler/0.8.2
- vendor/apple
- canonical/apple cups
- version/apple cups/1.1.20
- version/apple cups/1.1.5-2
- version/apple cups/1.1.14
- version/apple cups/1.1.6-1
- version/apple cups/1.1.18
- version/apple cups/1.1.12
- version/apple cups/1.3.11
- version/apple cups/1.1.5-1
- version/apple cups/1.3.3
- version/apple cups/1.1.22
- version/apple cups/1.2.0
- version/apple cups/1.1.16
- version/apple cups/1.3.1
- version/apple cups/1.1.23-rc1
- version/apple cups/1.1.20-rc1
- version/apple cups/1.1.15
- version/apple cups/1.1.17
- version/apple cups/1.1.20-rc6
- version/apple cups/1.2.4
- version/apple cups/1.1.19-rc1
- version/apple cups/1.3.2
- version/apple cups/1.1.22-rc1
- version/apple cups/1.1.7
- version/apple cups/1.1.6-2
- version/apple cups/1.1.3
- version/apple cups/1.2.3
- version/apple cups/1.1.21
- version/apple cups/1.2.9
- version/apple cups/1.2.10
- version/apple cups/1.1.4
- version/apple cups/1.1.23
- version/apple cups/1.2.6
- version/apple cups/1.3.8
- version/apple cups/1.1.20-rc4
- version/apple cups/1.1.19
- version/apple cups/1.1
- version/apple cups/1.3.4
- version/apple cups/1.1.8
- version/apple cups/1.1.5
- version/apple cups/1.2.1
- version/apple cups/1.1.2
- version/apple cups/1.3.10
- version/apple cups/1.1.13
- version/apple cups/1.1.19-rc4
- version/apple cups/1.1.9-1
- version/apple cups/1.2.12
- version/apple cups/1.1.21-rc2
- version/apple cups/1.2.7
- version/apple cups/1.1.6-3
- version/apple cups/1.1.20-rc5
- version/apple cups/1.1.9
- version/apple cups/1.3.7
- version/apple cups/1.1.19-rc5
- version/apple cups/1.3.9
- version/apple cups/1.1.1
- version/apple cups/1.2.8
- version/apple cups/1.2.2
- version/apple cups/1.1.10
- version/apple cups/1.2.11
- version/apple cups/1.1.22-rc2
- version/apple cups/1.1.21-rc1
- version/apple cups/1.1.11
- version/apple cups/1.1.19-rc3
- version/apple cups/1.1.6
- version/apple cups/1.1.10-1
- version/apple cups/1.3.0
- version/apple cups/1.3.5
- version/apple cups/1.3.6
- version/apple cups/1.1.20-rc2
- version/apple cups/1.1.20-rc3
- version/apple cups/1.2.5
- version/apple cups/1.1.19-rc2