Vulnerability Name:

CVE-2009-0146 (CCN-50118)

Assigned:2009-04-16
Published:2009-04-16
Updated:2019-03-06
Summary:Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Gentoo Bugzilla Bug 263028


Source: CONFIRM
Type: UNKNOWN
http://bugs.gentoo.org/show_bug.cgi?id=263028

Source: MITRE
Type: CNA
CVE-2009-0146

Source: APPLE
Type: UNKNOWN
APPLE-SA-2009-06-17-1

Source: APPLE
Type: UNKNOWN
APPLE-SA-2009-05-12

Source: SUSE
Type: UNKNOWN
SUSE-SA:2009:024

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:010

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:012

Source: CCN
Type: RHSA-2009-0429
Important: cups security update

Source: CCN
Type: RHSA-2009-0430
Important: xpdf security update

Source: CCN
Type: RHSA-2009-0431
Important: kdegraphics security update

Source: CCN
Type: RHSA-2009-0458
Important: gpdf security update

Source: REDHAT
Type: UNKNOWN
RHSA-2009:0458

Source: CCN
Type: RHSA-2009-0480
Important: poppler security update

Source: CCN
Type: RHSA-2010-0399
Moderate: tetex security update

Source: CCN
Type: RHSA-2010-0400
Moderate: tetex security update

Source: CCN
Type: SA34291
Xpdf JBIG2 Processing Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
34291

Source: CCN
Type: SA34481
CUPS Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
34481

Source: SECUNIA
Type: Vendor Advisory
34755

Source: SECUNIA
Type: UNKNOWN
34756

Source: SECUNIA
Type: Vendor Advisory
34852

Source: SECUNIA
Type: Vendor Advisory
34959

Source: SECUNIA
Type: UNKNOWN
34963

Source: SECUNIA
Type: Vendor Advisory
34991

Source: SECUNIA
Type: UNKNOWN
35037

Source: SECUNIA
Type: Vendor Advisory
35064

Source: SECUNIA
Type: Vendor Advisory
35065

Source: CCN
Type: SA35074
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
35074

Source: SECUNIA
Type: Vendor Advisory
35618

Source: SECUNIA
Type: Vendor Advisory
35685

Source: CCN
Type: SA40966
KOffice PDF Import Filter Multiple Vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200904-20

Source: CCN
Type: SECTRACK ID: 1022073
Xpdf Buffer Overflows and Memory Errors Let Remote Users Execute Arbitrary Code

Source: SLACKWARE
Type: UNKNOWN
SSA:2009-129-01

Source: CCN
Type: SourceForge.net: Files
PDFedit, File Release Notes and Changelog, Release Name: 0.4.3

Source: CCN
Type: Apple Web site
About the security content of Security Update 2009-002 / Mac OS X v10.5.7

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3549

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3639

Source: CCN
Type: ASA-2009-147
xpdf security update (RHSA-2009-0430)

Source: CCN
Type: ASA-2009-148
kdegraphics security update (RHSA-2009-0431)

Source: CCN
Type: ASA-2009-159
gpdf security update (RHSA-2009-0458)

Source: CCN
Type: ASA-2009-163
cups security update (RHSA-2009-0429)

Source: CCN
Type: ASA-2009-175
poppler security update (RHSA-2009-0480)

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/Advisories:rPSA-2009-0059

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/Advisories:rPSA-2009-0061

Source: CCN
Type: CUPS Web site
CUPS

Source: DEBIAN
Type: UNKNOWN
DSA-1790

Source: DEBIAN
Type: UNKNOWN
DSA-1793

Source: DEBIAN
Type: DSA-1790
xpdf -- multiple vulnerabilities

Source: DEBIAN
Type: DSA-1793
kdegraphics -- multiple vulnerabilities

Source: CCN
Type: Xpdf Web page
Xpdf

Source: CCN
Type: GLSA-200904-20
CUPS: Multiple vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:101

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2010:087

Source: REDHAT
Type: UNKNOWN
RHSA-2009:0429

Source: REDHAT
Type: Patch
RHSA-2009:0430

Source: REDHAT
Type: UNKNOWN
RHSA-2009:0431

Source: REDHAT
Type: UNKNOWN
RHSA-2009:0480

Source: BUGTRAQ
Type: UNKNOWN
20090417 rPSA-2009-0061-1 cups

Source: BUGTRAQ
Type: UNKNOWN
20090417 rPSA-2009-0059-1 poppler

Source: BID
Type: UNKNOWN
34568

Source: CCN
Type: BID-34568
Xpdf JBIG2 Processing Multiple Security Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1022073

Source: CCN
Type: USN-759-1
poppler vulnerabilities

Source: CERT
Type: US Government Resource
TA09-133A

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1065

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1066

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1077

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1297

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1621

Source: VUPEN
Type: Vendor Advisory
ADV-2010-1040

Source: CCN
Type: Red Hat Bugzilla Bug 490612
CVE-2009-0146 xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=490612

Source: XF
Type: UNKNOWN
multiple-jbig2-bo(50118)

Source: CCN
Type: Ubuntu Security Notice USN-973-1
koffice vulnerabilities

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9632

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-6972

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-6973

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-6982

Source: SUSE
Type: SUSE-SA:2009:024
cups security problems

Source: SUSE
Type: SUSE-SR:2009:010
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2009:012
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:* (Version <= 3.02)

    • Configuration 2:
  • cpe:/a:apple:cups:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.5-1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.5-2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.6-1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.6-2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.6-3:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.9-1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.10-1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.15:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.18:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.19:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.19:rc1:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.19:rc2:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.19:rc3:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.19:rc4:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.19:rc5:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.20:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.20:rc1:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.20:rc2:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.20:rc3:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.20:rc4:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.20:rc5:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.20:rc6:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.21:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.21:rc1:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.21:rc2:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.22:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.22:rc1:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.22:rc2:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.23:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.1.23:rc1:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:*:*:*:*:*:*:*:* (Version <= 1.3.9)
  • OR cpe:/a:apple:cups:1.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.11:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 10:
  • cpe:/a:redhat:rhel_productivity:5:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:apple:cups:1.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.5:a:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:1.00:a:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:0.93:b:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*
  • OR cpe:/a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20090146
    V
    		CVE-2009-0146
    2022-06-30
    oval:org.opensuse.security:def:112497
    P
    		kdegraphics3-3.5.10-1.5 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:32207
    P
    		Security update for util-linux (Moderate)
    2021-10-19
    oval:org.opensuse.security:def:29435
    P
    		Security update for MozillaFirefox (Important)
    2021-10-15
    oval:org.opensuse.security:def:105990
    P
    		kdegraphics3-3.5.10-1.5 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:31208
    P
    		Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)
    2021-06-18
    oval:org.opensuse.security:def:32073
    P
    		Security update for sudo (Important)
    2021-04-20
    oval:org.opensuse.security:def:42061
    P
    		Security update for qemu (Important)
    2021-04-16
    oval:org.opensuse.security:def:31732
    P
    		Security update for krb5-appl (Important)
    2021-02-19
    oval:org.opensuse.security:def:31340
    P
    		Security update for wpa_supplicant (Important)
    2021-02-15
    oval:org.opensuse.security:def:29399
    P
    		Security update for MozillaFirefox (Important)
    2021-01-29
    oval:org.opensuse.security:def:25981
    P
    		Security update for PackageKit (Low)
    2020-12-22
    oval:org.opensuse.security:def:35654
    P
    		xpdf-tools-3.02-138.26.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25547
    P
    		Security update for curl (Important)
    2020-12-01
    oval:org.opensuse.security:def:26619
    P
    		ntp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28183
    P
    		Security update for various KMPs (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28717
    P
    		Security update for kdebase4-workspace
    2020-12-01
    oval:org.opensuse.security:def:31134
    P
    		Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31837
    P
    		Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:31987
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:32600
    P
    		quagga on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25631
    P
    		Security update for tar (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26654
    P
    		xpdf-tools on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28267
    P
    		Security update for mercurial (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28761
    P
    		Security update for libqt4
    2020-12-01
    oval:org.opensuse.security:def:31876
    P
    		Security update for dhcp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31988
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:32656
    P
    		enscript on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25205
    P
    		Security update for ceph (Important)
    2020-12-01
    oval:org.opensuse.security:def:25782
    P
    		Security update for evolution-data-server (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28324
    P
    		Security update for perl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31898
    P
    		Security update for MozillaFirefox, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:31999
    P
    		Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:32705
    P
    		libarchive2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25206
    P
    		Security update for tigervnc (Important)
    2020-12-01
    oval:org.opensuse.security:def:25835
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:28408
    P
    		Security update for subversion (Important)
    2020-12-01
    oval:org.opensuse.security:def:31432
    P
    		Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31942
    P
    		Security update for gnome-session (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32744
    P
    		logwatch on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25217
    P
    		Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25884
    P
    		Security update for lhasa (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27977
    P
    		Security update for LibVNCServer (Critical)
    2020-12-01
    oval:org.opensuse.security:def:28560
    P
    		Security update for hplip
    2020-12-01
    oval:org.opensuse.security:def:31489
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32580
    P
    		mozilla-xulrunner191 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32766
    P
    		pcsc-ccid on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25281
    P
    		Security update for squid (Important)
    2020-12-01
    oval:org.opensuse.security:def:25923
    P
    		Security update for util-linux (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27978
    P
    		Security update for MozillaFirefox (Critical)
    2020-12-01
    oval:org.opensuse.security:def:28613
    P
    		Security update for xorg-x11-server
    2020-12-01
    oval:org.opensuse.security:def:31576
    P
    		Security update for sudo (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32619
    P
    		xpdf-tools on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32300
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32810
    P
    		xorg-x11-libs-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25409
    P
    		Security update for apache-commons-httpclient (Important)
    2020-12-01
    oval:org.opensuse.security:def:25937
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:27989
    P
    		Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:28662
    P
    		Security update for finch
    2020-12-01
    oval:org.opensuse.security:def:31122
    P
    		Security update for kvm
    2020-12-01
    oval:org.opensuse.security:def:32357
    P
    		Security update for squid3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:33448
    P
    		Security update for glib2
    2020-12-01
    oval:org.opensuse.security:def:25490
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:28053
    P
    		Security update for cvs (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28701
    P
    		Security update for gnutls (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31123
    P
    		Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31788
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:32444
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:33487
    P
    		Security update for libpoppler4
    2020-12-01
    oval:org.mitre.oval:def:28869
    P
    		RHSA-2009:0480 -- poppler security update (Important)
    2015-08-17
    oval:org.mitre.oval:def:29193
    P
    		RHSA-2009:0431 -- kdegraphics security update (Important)
    2015-08-17
    oval:org.mitre.oval:def:28592
    P
    		RHSA-2009:0429 -- cups security update (Important)
    2015-08-17
    oval:org.mitre.oval:def:13235
    P
    		DSA-1793-1 kdegraphics -- multiple
    2015-02-23
    oval:org.mitre.oval:def:7864
    P
    		DSA-1793 kdegraphics -- multiple vulnerabilities
    2015-02-23
    oval:org.mitre.oval:def:23168
    P
    		ELSA-2010:0400: tetex security update (Moderate)
    2014-07-21
    oval:org.mitre.oval:def:13857
    P
    		USN-759-1 -- poppler vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13355
    P
    		USN-973-1 -- koffice vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13119
    P
    		DSA-1790-1 xpdf -- multiple
    2014-06-23
    oval:org.mitre.oval:def:7718
    P
    		DSA-1790 xpdf -- multiple vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:22616
    P
    		ELSA-2009:0431: kdegraphics security update (Important)
    2014-05-26
    oval:org.mitre.oval:def:21858
    P
    		ELSA-2009:0429: cups security update (Important)
    2014-05-26
    oval:org.mitre.oval:def:21897
    P
    		ELSA-2009:0480: poppler security update (Important)
    2014-05-26
    oval:org.mitre.oval:def:22251
    P
    		RHSA-2010:0400: tetex security update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:9632
    V
    		Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.
    2013-04-29
    oval:com.redhat.rhsa:def:20100399
    P
    		RHSA-2010:0399: tetex security update (Moderate)
    2010-05-06
    oval:com.redhat.rhsa:def:20100400
    P
    		RHSA-2010:0400: tetex security update (Moderate)
    2010-05-06
    oval:com.redhat.rhsa:def:20090480
    P
    		RHSA-2009:0480: poppler security update (Important)
    2009-05-13
    oval:org.debian:def:1793
    V
    		multiple vulnerabilities
    2009-05-06
    oval:org.debian:def:1790
    V
    		multiple vulnerabilities
    2009-05-05
    oval:com.redhat.rhsa:def:20090458
    P
    		RHSA-2009:0458: gpdf security update (Important)
    2009-04-30
    oval:com.ubuntu.precise:def:20090146000
    V
    		CVE-2009-0146 on Ubuntu 12.04 LTS (precise) - medium.
    2009-04-23
    oval:com.ubuntu.trusty:def:20090146000
    V
    		CVE-2009-0146 on Ubuntu 14.04 LTS (trusty) - medium.
    2009-04-23
    oval:com.ubuntu.xenial:def:20090146000
    V
    		CVE-2009-0146 on Ubuntu 16.04 LTS (xenial) - medium.
    2009-04-23
    oval:com.ubuntu.xenial:def:200901460000000
    V
    		CVE-2009-0146 on Ubuntu 16.04 LTS (xenial) - medium.
    2009-04-23
    oval:com.redhat.rhsa:def:20090429
    P
    		RHSA-2009:0429: cups security update (Important)
    2009-04-16
    oval:com.redhat.rhsa:def:20090430
    P
    		RHSA-2009:0430: xpdf security update (Important)
    2009-04-16
    oval:com.redhat.rhsa:def:20090431
    P
    		RHSA-2009:0431: kdegraphics security update (Important)
    2009-04-16
    BACK
    foolabs xpdf 0.5a
    foolabs xpdf 0.7a
    foolabs xpdf 0.91a
    foolabs xpdf 0.91b
    foolabs xpdf 0.91c
    foolabs xpdf 0.92a
    foolabs xpdf 0.92b
    foolabs xpdf 0.92c
    foolabs xpdf 0.92d
    foolabs xpdf 0.92e
    foolabs xpdf 0.93a
    foolabs xpdf 0.93b
    foolabs xpdf 0.93c
    foolabs xpdf 1.00a
    glyphandcog xpdfreader 0.2
    glyphandcog xpdfreader 0.3
    glyphandcog xpdfreader 0.4
    glyphandcog xpdfreader 0.5
    glyphandcog xpdfreader 0.6
    glyphandcog xpdfreader 0.7
    glyphandcog xpdfreader 0.80
    glyphandcog xpdfreader 0.90
    glyphandcog xpdfreader 0.91
    glyphandcog xpdfreader 0.92
    glyphandcog xpdfreader 0.93
    glyphandcog xpdfreader 1.00
    glyphandcog xpdfreader 1.01
    glyphandcog xpdfreader 2.00
    glyphandcog xpdfreader 2.01
    glyphandcog xpdfreader 2.02
    glyphandcog xpdfreader 2.03
    glyphandcog xpdfreader 3.00
    glyphandcog xpdfreader 3.01
    glyphandcog xpdfreader *
    apple cups 1.1
    apple cups 1.1.1
    apple cups 1.1.2
    apple cups 1.1.3
    apple cups 1.1.4
    apple cups 1.1.5
    apple cups 1.1.5-1
    apple cups 1.1.5-2
    apple cups 1.1.6
    apple cups 1.1.6-1
    apple cups 1.1.6-2
    apple cups 1.1.6-3
    apple cups 1.1.7
    apple cups 1.1.8
    apple cups 1.1.9
    apple cups 1.1.9-1
    apple cups 1.1.10
    apple cups 1.1.10-1
    apple cups 1.1.11
    apple cups 1.1.12
    apple cups 1.1.13
    apple cups 1.1.14
    apple cups 1.1.15
    apple cups 1.1.16
    apple cups 1.1.17
    apple cups 1.1.18
    apple cups 1.1.19
    apple cups 1.1.19 rc1
    apple cups 1.1.19 rc2
    apple cups 1.1.19 rc3
    apple cups 1.1.19 rc4
    apple cups 1.1.19 rc5
    apple cups 1.1.20
    apple cups 1.1.20 rc1
    apple cups 1.1.20 rc2
    apple cups 1.1.20 rc3
    apple cups 1.1.20 rc4
    apple cups 1.1.20 rc5
    apple cups 1.1.20 rc6
    apple cups 1.1.21
    apple cups 1.1.21 rc1
    apple cups 1.1.21 rc2
    apple cups 1.1.22
    apple cups 1.1.22 rc1
    apple cups 1.1.22 rc2
    apple cups 1.1.23
    apple cups 1.1.23 rc1
    apple cups 1.2.0
    apple cups 1.2.1
    apple cups 1.2.2
    apple cups 1.2.3
    apple cups 1.2.4
    apple cups 1.2.5
    apple cups 1.2.6
    apple cups 1.2.7
    apple cups 1.2.8
    apple cups 1.2.9
    apple cups 1.2.10
    apple cups 1.2.11
    apple cups 1.2.12
    apple cups 1.3.0
    apple cups 1.3.1
    apple cups 1.3.2
    apple cups 1.3.3
    apple cups 1.3.4
    apple cups 1.3.5
    apple cups 1.3.6
    apple cups 1.3.7
    apple cups 1.3.8
    apple cups *
    apple cups 1.3.10
    apple cups 1.3.11
    apple mac os x 10.5
    foolabs xpdf 3.02
    apple mac os x server 10.5
    apple mac os x 10.4.11
    apple mac os x 10.5.1
    apple mac os x server 10.4.11
    apple mac os x server 10.5.1
    apple mac os x 10.5.2
    apple mac os x server 10.5.2
    apple mac os x server 10.5.3
    apple mac os x 10.5.3
    apple mac os x 10.5.4
    apple mac os x server 10.5.4
    apple mac os x 10.5.5
    apple mac os x server 10.5.5
    apple cups 1.3.9
    apple mac os x 10.5.6
    apple mac os x server 10.5.6
    foolabs xpdf 0.90
    foolabs xpdf 0.80
    foolabs xpdf 0.7a
    foolabs xpdf 0.4
    foolabs xpdf 0.3
    foolabs xpdf 0.2
    foolabs xpdf 0.7
    foolabs xpdf 0.6
    foolabs xpdf 0.5a
    foolabs xpdf 0.5 a
    foolabs xpdf 0.91a
    foolabs xpdf 0.92
    foolabs xpdf 0.91
    foolabs xpdf 0.91c
    foolabs xpdf 0.91b
    foolabs xpdf 0.92c
    foolabs xpdf 0.92d
    foolabs xpdf 0.92a
    foolabs xpdf 0.92b
    foolabs xpdf 0.92e
    foolabs xpdf 1.00 a
    foolabs xpdf 1.01
    foolabs xpdf 0.93c
    foolabs xpdf 1.00a
    foolabs xpdf 2.02
    foolabs xpdf 2.00
    foolabs xpdf 2.01
    foolabs xpdf 0.93a
    foolabs xpdf 0.93b
    foolabs xpdf 0.93 b
    foolabs xpdf 2.03
    foolabs xpdf 3.0.1
    foolabs xpdf 3.00
    gentoo linux *
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake multi network firewall 2.0
    canonical ubuntu 6.06
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    novell open enterprise server *
    novell opensuse 10.3
    mandrakesoft mandrake linux 2008.1
    canonical ubuntu 8.04
    novell opensuse 11.0
    novell suse linux enterprise server 10 sp2
    mandriva linux 2009.0
    mandriva linux 2009.0 -
    debian debian linux 5.0
    mandriva enterprise server 5
    mandriva enterprise server 5