Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2009-0195


Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.


Published

2009-04-23T17:30:01.627

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.6

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-119

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application apple cups 1.3.9 Yes
Application foolabs xpdf 0.5a Yes
Application foolabs xpdf 0.7a Yes
Application foolabs xpdf 0.91a Yes
Application foolabs xpdf 0.91b Yes
Application foolabs xpdf 0.91c Yes
Application foolabs xpdf 0.92a Yes
Application foolabs xpdf 0.92b Yes
Application foolabs xpdf 0.92c Yes
Application foolabs xpdf 0.92d Yes
Application foolabs xpdf 0.92e Yes
Application foolabs xpdf 0.93a Yes
Application foolabs xpdf 0.93b Yes
Application foolabs xpdf 0.93c Yes
Application foolabs xpdf 1.00a Yes
Application foolabs xpdf 3.0.1 Yes
Application glyphandcog xpdfreader ≤ 3.02 Yes
Application glyphandcog xpdfreader 0.2 Yes
Application glyphandcog xpdfreader 0.3 Yes
Application glyphandcog xpdfreader 0.4 Yes
Application glyphandcog xpdfreader 0.5 Yes
Application glyphandcog xpdfreader 0.6 Yes
Application glyphandcog xpdfreader 0.7 Yes
Application glyphandcog xpdfreader 0.80 Yes
Application glyphandcog xpdfreader 0.90 Yes
Application glyphandcog xpdfreader 0.91 Yes
Application glyphandcog xpdfreader 0.92 Yes
Application glyphandcog xpdfreader 0.93 Yes
Application glyphandcog xpdfreader 1.00 Yes
Application glyphandcog xpdfreader 1.01 Yes
Application glyphandcog xpdfreader 2.00 Yes
Application glyphandcog xpdfreader 2.01 Yes
Application glyphandcog xpdfreader 2.02 Yes
Application glyphandcog xpdfreader 2.03 Yes
Application glyphandcog xpdfreader 3.00 Yes

References