Vulnerability CVE-2009-0166 - CERT Civis.Net

Vulnerability Name:

CVE-2009-0166 (CCN-50125)

Assigned:

2009-04-16

Published:

2009-04-16

Updated:

2019-03-06

Summary:

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2009-0166

Source: SUSE
Type: UNKNOWN
SUSE-SA:2009:024

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:010

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:012

Source: CCN
Type: RHSA-2009-0429
Important: cups security update

Source: CCN
Type: RHSA-2009-0430
Important: xpdf security update

Source: CCN
Type: RHSA-2009-0431
Important: kdegraphics security update

Source: CCN
Type: RHSA-2009-0458
Important: gpdf security update

Source: REDHAT
Type: Patch
RHSA-2009:0458

Source: CCN
Type: RHSA-2009-0480
Important: poppler security update

Source: CCN
Type: RHSA-2010-0399
Moderate: tetex security update

Source: CCN
Type: RHSA-2010-0400
Moderate: tetex security update

Source: CCN
Type: SA34291
Xpdf JBIG2 Processing Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
34291

Source: CCN
Type: SA34481
CUPS Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
34481

Source: SECUNIA
Type: Vendor Advisory
34755

Source: SECUNIA
Type: Vendor Advisory
34756

Source: SECUNIA
Type: Vendor Advisory
34852

Source: SECUNIA
Type: Vendor Advisory
34959

Source: SECUNIA
Type: Vendor Advisory
34963

Source: SECUNIA
Type: Vendor Advisory
34991

Source: SECUNIA
Type: Vendor Advisory
35037

Source: SECUNIA
Type: Vendor Advisory
35064

Source: SECUNIA
Type: Vendor Advisory
35065

Source: SECUNIA
Type: Vendor Advisory
35618

Source: SECUNIA
Type: Vendor Advisory
35685

Source: CCN
Type: SA40966
KOffice PDF Import Filter Multiple Vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200904-20

Source: CCN
Type: SECTRACK ID: 1022073
Xpdf Buffer Overflows and Memory Errors Let Remote Users Execute Arbitrary Code

Source: SLACKWARE
Type: UNKNOWN
SSA:2009-129-01

Source: CCN
Type: SourceForge.net: Files
PDFedit, File Release Notes and Changelog, Release Name: 0.4.3

Source: CCN
Type: ASA-2009-147
xpdf security update (RHSA-2009-0430)

Source: CCN
Type: ASA-2009-148
kdegraphics security update (RHSA-2009-0431)

Source: CCN
Type: ASA-2009-159
gpdf security update (RHSA-2009-0458)

Source: CCN
Type: ASA-2009-163
cups security update (RHSA-2009-0429)

Source: CCN
Type: ASA-2009-175
poppler security update (RHSA-2009-0480)

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/Advisories:rPSA-2009-0061

Source: CCN
Type: CUPS Web site
CUPS

Source: DEBIAN
Type: Patch
DSA-1790

Source: DEBIAN
Type: Patch
DSA-1793

Source: DEBIAN
Type: DSA-1790
xpdf -- multiple vulnerabilities

Source: DEBIAN
Type: DSA-1793
kdegraphics -- multiple vulnerabilities

Source: CCN
Type: Xpdf Web page
Xpdf

Source: CCN
Type: GLSA-200904-20
CUPS: Multiple vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:101

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2010:087

Source: REDHAT
Type: Patch
RHSA-2009:0429

Source: REDHAT
Type: Patch
RHSA-2009:0430

Source: REDHAT
Type: Patch
RHSA-2009:0431

Source: REDHAT
Type: Patch
RHSA-2009:0480

Source: BUGTRAQ
Type: UNKNOWN
20090417 rPSA-2009-0061-1 cups

Source: BID
Type: Patch
34568

Source: CCN
Type: BID-34568
Xpdf JBIG2 Processing Multiple Security Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1022073

Source: CCN
Type: USN-759-1
poppler vulnerabilities

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1065

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2009-1066

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1077

Source: VUPEN
Type: Vendor Advisory
ADV-2010-1040

Source: CCN
Type: Red Hat Bugzilla Bug 490625
CVE-2009-0166 xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=490625

Source: XF
Type: UNKNOWN
multiple-jbig2-dos(50125)

Source: CCN
Type: Ubuntu Security Notice USN-973-1
koffice vulnerabilities

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9778

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-6972

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-6973

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-6982

Source: SUSE
Type: SUSE-SA:2009:024
cups security problems

Source: SUSE
Type: SUSE-SR:2009:010
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2009:012
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:* (Version <= 3.02)

Configuration 2:

cpe:/a:poppler:poppler:0.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.1.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.1.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.2.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.9:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.90:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.91:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.8.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.8.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.8.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.8.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.8.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.8.5:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.8.6:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.8.7:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.9.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.9.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.9.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.9.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.10.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.10.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.10.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.10.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.10.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:*:*:*:*:*:*:*:* (Version <= 0.10.5)

Configuration 3:

cpe:/a:apple:cups:1.1:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.2:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.3:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.4:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.5:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.5-1:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.5-2:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.6:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.6-1:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.6-2:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.6-3:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.7:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.8:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.9:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.9-1:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.10:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.10-1:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.11:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.12:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.13:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.14:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.15:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.16:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.17:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.18:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.19:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.19:rc1:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.19:rc2:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.19:rc3:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.19:rc4:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.19:rc5:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.20:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.20:rc1:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.20:rc2:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.20:rc3:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.20:rc4:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.20:rc5:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.20:rc6:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.21:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.21:rc1:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.21:rc2:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.22:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.22:rc1:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.22:rc2:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.23:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.1.23:rc1:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.0:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.1:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.3:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.4:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.5:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.6:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.7:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.8:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.9:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.10:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.11:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.2.12:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.0:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.1:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.2:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.3:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.4:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.5:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.6:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.7:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.8:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:*:*:*:*:*:*:*:* (Version <= 1.3.9)

OR cpe:/a:apple:cups:1.3.10:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.11:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration RedHat 10:

cpe:/a:redhat:rhel_productivity:5:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.9:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.5:a:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:1.00:a:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:0.93:b:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*

OR cpe:/a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*

OR cpe:/a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20090166	V	CVE-2009-0166	2022-05-20
oval:org.opensuse.security:def:32207	P	Security update for util-linux (Moderate)	2021-10-19
oval:org.opensuse.security:def:29435	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:32073	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:29399	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:28613	P	Security update for xorg-x11-server	2020-12-01
oval:org.opensuse.security:def:32300	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:27989	P	Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:33448	P	Security update for glib2	2020-12-01
oval:org.opensuse.security:def:28701	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:32444	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:28183	P	Security update for various KMPs (Moderate)	2020-12-01
oval:org.opensuse.security:def:31987	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:28761	P	Security update for libqt4	2020-12-01
oval:org.opensuse.security:def:32656	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28324	P	Security update for perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:31999	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:32744	P	logwatch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28560	P	Security update for hplip	2020-12-01
oval:org.opensuse.security:def:27978	P	Security update for MozillaFirefox (Critical)	2020-12-01
oval:org.opensuse.security:def:32810	P	xorg-x11-libs-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28662	P	Security update for finch	2020-12-01
oval:org.opensuse.security:def:32357	P	Security update for squid3 (Important)	2020-12-01
oval:org.opensuse.security:def:28053	P	Security update for cvs (Moderate)	2020-12-01
oval:org.opensuse.security:def:33487	P	Security update for libpoppler4	2020-12-01
oval:org.opensuse.security:def:28717	P	Security update for kdebase4-workspace	2020-12-01
oval:org.opensuse.security:def:32600	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28267	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:31988	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32705	P	libarchive2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28408	P	Security update for subversion (Important)	2020-12-01
oval:org.opensuse.security:def:27977	P	Security update for LibVNCServer (Critical)	2020-12-01
oval:org.opensuse.security:def:32766	P	pcsc-ccid on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:29193	P	RHSA-2009:0431 -- kdegraphics security update (Important)	2015-08-17
oval:org.mitre.oval:def:28592	P	RHSA-2009:0429 -- cups security update (Important)	2015-08-17
oval:org.mitre.oval:def:28869	P	RHSA-2009:0480 -- poppler security update (Important)	2015-08-17
oval:org.mitre.oval:def:13235	P	DSA-1793-1 kdegraphics -- multiple	2015-02-23
oval:org.mitre.oval:def:7864	P	DSA-1793 kdegraphics -- multiple vulnerabilities	2015-02-23
oval:org.mitre.oval:def:23168	P	ELSA-2010:0400: tetex security update (Moderate)	2014-07-21
oval:org.mitre.oval:def:13857	P	USN-759-1 -- poppler vulnerabilities	2014-06-30
oval:org.mitre.oval:def:13355	P	USN-973-1 -- koffice vulnerabilities	2014-06-30
oval:org.mitre.oval:def:13119	P	DSA-1790-1 xpdf -- multiple	2014-06-23
oval:org.mitre.oval:def:7718	P	DSA-1790 xpdf -- multiple vulnerabilities	2014-06-23
oval:org.mitre.oval:def:22616	P	ELSA-2009:0431: kdegraphics security update (Important)	2014-05-26
oval:org.mitre.oval:def:21858	P	ELSA-2009:0429: cups security update (Important)	2014-05-26
oval:org.mitre.oval:def:21897	P	ELSA-2009:0480: poppler security update (Important)	2014-05-26
oval:org.mitre.oval:def:22251	P	RHSA-2010:0400: tetex security update (Moderate)	2014-02-24
oval:org.mitre.oval:def:9778	V	The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.	2013-04-29
oval:com.redhat.rhsa:def:20100399	P	RHSA-2010:0399: tetex security update (Moderate)	2010-05-06
oval:com.redhat.rhsa:def:20100400	P	RHSA-2010:0400: tetex security update (Moderate)	2010-05-06
oval:com.redhat.rhsa:def:20090480	P	RHSA-2009:0480: poppler security update (Important)	2009-05-13
oval:org.debian:def:1793	V	multiple vulnerabilities	2009-05-06
oval:org.debian:def:1790	V	multiple vulnerabilities	2009-05-05
oval:com.redhat.rhsa:def:20090458	P	RHSA-2009:0458: gpdf security update (Important)	2009-04-30
oval:com.ubuntu.artful:def:20090166000	V	CVE-2009-0166 on Ubuntu 17.10 (artful) - medium.	2009-04-23
oval:com.ubuntu.bionic:def:200901660000000	V	CVE-2009-0166 on Ubuntu 18.04 LTS (bionic) - medium.	2009-04-23
oval:com.ubuntu.trusty:def:20090166000	V	CVE-2009-0166 on Ubuntu 14.04 LTS (trusty) - medium.	2009-04-23
oval:com.ubuntu.bionic:def:20090166000	V	CVE-2009-0166 on Ubuntu 18.04 LTS (bionic) - medium.	2009-04-23
oval:com.ubuntu.xenial:def:200901660000000	V	CVE-2009-0166 on Ubuntu 16.04 LTS (xenial) - medium.	2009-04-23
oval:com.ubuntu.xenial:def:20090166000	V	CVE-2009-0166 on Ubuntu 16.04 LTS (xenial) - medium.	2009-04-23
oval:com.ubuntu.cosmic:def:20090166000	V	CVE-2009-0166 on Ubuntu 18.10 (cosmic) - medium.	2009-04-23
oval:com.ubuntu.disco:def:200901660000000	V	CVE-2009-0166 on Ubuntu 19.04 (disco) - medium.	2009-04-23
oval:com.ubuntu.cosmic:def:200901660000000	V	CVE-2009-0166 on Ubuntu 18.10 (cosmic) - medium.	2009-04-23
oval:com.ubuntu.precise:def:20090166000	V	CVE-2009-0166 on Ubuntu 12.04 LTS (precise) - medium.	2009-04-23
oval:com.redhat.rhsa:def:20090429	P	RHSA-2009:0429: cups security update (Important)	2009-04-16
oval:com.redhat.rhsa:def:20090430	P	RHSA-2009:0430: xpdf security update (Important)	2009-04-16
oval:com.redhat.rhsa:def:20090431	P	RHSA-2009:0431: kdegraphics security update (Important)	2009-04-16