What is the severity of CVE-2009-1187?

CVE-2009-1187 is classified as a high severity vulnerability due to its potential to cause denial of service and arbitrary code execution.

How do I fix CVE-2009-1187?

To fix CVE-2009-1187, upgrade Poppler to version 0.10.6 or later, which contains the necessary patches.

What are the vulnerable versions of Poppler related to CVE-2009-1187?

Vulnerable versions of Poppler related to CVE-2009-1187 include any version prior to 0.10.6.

What type of attack does CVE-2009-1187 relate to?

CVE-2009-1187 relates to an integer overflow attack that can lead to a crash or potential arbitrary code execution.

Where does CVE-2009-1187 affect Poppler?

CVE-2009-1187 affects the JBIG2 decoding feature within the Poppler library, specifically within CairoOutputDev.

Vulnerability/
CVE-2009-1187

medium

CWE

189 190

23/4/2009

7/8/2024

CVE-2009-1187: Integer Overflow

First published: Thu Apr 23 2009(Updated: )

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Poppler Poppler	=0.7.3
Poppler Poppler	=0.3.2
Poppler Poppler	=0.10.3
Poppler Poppler	=0.4.0
Poppler Poppler	=0.8.5
Poppler Poppler	=0.9.3
Poppler Poppler	=0.10.1
Poppler Poppler	=0.10.0
Poppler Poppler	=0.7.1
Poppler Poppler	=0.6.1
Poppler Poppler	=0.3.1
Poppler Poppler	=0.5.2
Poppler Poppler	=0.5.91
Poppler Poppler	=0.6.0
Poppler Poppler	=0.3.3
Poppler Poppler	=0.4.2
Poppler Poppler	=0.10.4
Poppler Poppler	=0.9.2
Poppler Poppler	=0.6.4
Poppler Poppler	=0.1.2
Poppler Poppler	=0.8.0
Poppler Poppler	=0.8.3
Poppler Poppler	=0.7.0
Poppler Poppler	=0.7.2
Poppler Poppler	=0.5.0
Poppler Poppler	=0.8.6
Poppler Poppler	=0.5.9
Poppler Poppler	=0.5.90
Poppler Poppler	=0.6.3
Poppler Poppler	=0.2.0
Poppler Poppler	=0.8.4
Poppler Poppler	=0.5.4
Poppler Poppler	=0.1.1
Poppler Poppler	=0.9.0
Poppler Poppler	=0.4.1
Poppler Poppler	=0.5.3
Poppler Poppler	<=0.10.5
Poppler Poppler	=0.4.4
Poppler Poppler	=0.8.7
Poppler Poppler	=0.9.1
Poppler Poppler	=0.3.0
Poppler Poppler	=0.1
Poppler Poppler	=0.6.2
Poppler Poppler	=0.10.2
Poppler Poppler	=0.4.3
Poppler Poppler	=0.8.1
Poppler Poppler	=0.5.1
Poppler Poppler	=0.8.2

Remedy

http://bugs.gentoo.org/show_bug.cgi?id=263028#c16

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-1187?
CVE-2009-1187 is classified as a high severity vulnerability due to its potential to cause denial of service and arbitrary code execution.
How do I fix CVE-2009-1187?
To fix CVE-2009-1187, upgrade Poppler to version 0.10.6 or later, which contains the necessary patches.
What are the vulnerable versions of Poppler related to CVE-2009-1187?
Vulnerable versions of Poppler related to CVE-2009-1187 include any version prior to 0.10.6.
What type of attack does CVE-2009-1187 relate to?
CVE-2009-1187 relates to an integer overflow attack that can lead to a crash or potential arbitrary code execution.
Where does CVE-2009-1187 affect Poppler?
CVE-2009-1187 affects the JBIG2 decoding feature within the Poppler library, specifically within CairoOutputDev.

collector/nvd-historical
collector/nvd-index
agent/references
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/author
agent/last-modified-date
agent/weakness
agent/severity
agent/type
agent/description
agent/first-publish-date
agent/event
agent/tags
agent/source
vendor/poppler
canonical/poppler poppler
version/poppler poppler/0.7.3
version/poppler poppler/0.3.2
version/poppler poppler/0.10.3
version/poppler poppler/0.4.0
version/poppler poppler/0.8.5
version/poppler poppler/0.9.3
version/poppler poppler/0.10.1
version/poppler poppler/0.10.0
version/poppler poppler/0.7.1
version/poppler poppler/0.6.1
version/poppler poppler/0.3.1
version/poppler poppler/0.5.2
version/poppler poppler/0.5.91
version/poppler poppler/0.6.0
version/poppler poppler/0.3.3
version/poppler poppler/0.4.2
version/poppler poppler/0.10.4
version/poppler poppler/0.9.2
version/poppler poppler/0.6.4
version/poppler poppler/0.1.2
version/poppler poppler/0.8.0
version/poppler poppler/0.8.3
version/poppler poppler/0.7.0
version/poppler poppler/0.7.2
version/poppler poppler/0.5.0
version/poppler poppler/0.8.6
version/poppler poppler/0.5.9
version/poppler poppler/0.5.90
version/poppler poppler/0.6.3
version/poppler poppler/0.2.0
version/poppler poppler/0.8.4
version/poppler poppler/0.5.4
version/poppler poppler/0.1.1
version/poppler poppler/0.9.0
version/poppler poppler/0.4.1
version/poppler poppler/0.5.3
version/poppler poppler/0.10.5
version/poppler poppler/0.4.4
version/poppler poppler/0.8.7
version/poppler poppler/0.9.1
version/poppler poppler/0.3.0
version/poppler poppler/0.1
version/poppler poppler/0.6.2
version/poppler poppler/0.10.2
version/poppler poppler/0.4.3
version/poppler poppler/0.8.1
version/poppler poppler/0.5.1
version/poppler poppler/0.8.2

CVE-2009-1187: Integer Overflow

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-1187?

How do I fix CVE-2009-1187?

What are the vulnerable versions of Poppler related to CVE-2009-1187?

What type of attack does CVE-2009-1187 relate to?

Where does CVE-2009-1187 affect Poppler?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2009-1187?

How do I fix CVE-2009-1187?

What are the vulnerable versions of Poppler related to CVE-2009-1187?

What type of attack does CVE-2009-1187 relate to?

Where does CVE-2009-1187 affect Poppler?