CVE - CVE-2009-0800

CVE-ID
CVE-2009-0800	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1022073 URL:http://www.securitytracker.com/id?1022073 MISC:34291 URL:http://secunia.com/advisories/34291 MISC:34481 URL:http://secunia.com/advisories/34481 MISC:34568 URL:http://www.securityfocus.com/bid/34568 MISC:34746 URL:http://secunia.com/advisories/34746 MISC:34755 URL:http://secunia.com/advisories/34755 MISC:34756 URL:http://secunia.com/advisories/34756 MISC:34852 URL:http://secunia.com/advisories/34852 MISC:34959 URL:http://secunia.com/advisories/34959 MISC:34963 URL:http://secunia.com/advisories/34963 MISC:34991 URL:http://secunia.com/advisories/34991 MISC:35037 URL:http://secunia.com/advisories/35037 MISC:35064 URL:http://secunia.com/advisories/35064 MISC:35065 URL:http://secunia.com/advisories/35065 MISC:35618 URL:http://secunia.com/advisories/35618 MISC:35685 URL:http://secunia.com/advisories/35685 MISC:ADV-2009-1065 URL:~~http://www.vupen.com/english/advisories/2009/1065~~ (Obsolete source) MISC:ADV-2009-1066 URL:~~http://www.vupen.com/english/advisories/2009/1066~~ (Obsolete source) MISC:ADV-2009-1076 URL:~~http://www.vupen.com/english/advisories/2009/1076~~ (Obsolete source) MISC:ADV-2009-1077 URL:~~http://www.vupen.com/english/advisories/2009/1077~~ (Obsolete source) MISC:ADV-2010-1040 URL:~~http://www.vupen.com/english/advisories/2010/1040~~ (Obsolete source) MISC:DSA-1790 URL:http://www.debian.org/security/2009/dsa-1790 MISC:DSA-1793 URL:http://www.debian.org/security/2009/dsa-1793 MISC:FEDORA-2009-6972 URL:https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html MISC:FEDORA-2009-6973 URL:https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html MISC:FEDORA-2009-6982 URL:https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html MISC:MDVSA-2009:101 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:101~~ (Obsolete source) MISC:MDVSA-2010:087 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2010:087~~ (Obsolete source) MISC:MDVSA-2011:175 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2011:175~~ (Obsolete source) MISC:RHSA-2009:0429 URL:http://www.redhat.com/support/errata/RHSA-2009-0429.html MISC:RHSA-2009:0430 URL:http://www.redhat.com/support/errata/RHSA-2009-0430.html MISC:RHSA-2009:0431 URL:http://www.redhat.com/support/errata/RHSA-2009-0431.html MISC:RHSA-2009:0458 URL:http://rhn.redhat.com/errata/RHSA-2009-0458.html MISC:RHSA-2009:0480 URL:http://www.redhat.com/support/errata/RHSA-2009-0480.html MISC:SSA:2009-129-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 MISC:SUSE-SA:2009:024 URL:http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html MISC:SUSE-SR:2009:010 URL:http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html MISC:SUSE-SR:2009:012 URL:http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html MISC:VU#196617 URL:http://www.kb.cert.org/vuls/id/196617 MISC:http://poppler.freedesktop.org/releases.html URL:http://poppler.freedesktop.org/releases.html MISC:https://bugzilla.redhat.com/show_bug.cgi?id=495887 URL:https://bugzilla.redhat.com/show_bug.cgi?id=495887 MISC:oval:org.mitre.oval:def:11323 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323
Assigning CNA
Red Hat, Inc.
Date Record Created
20090304	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20090304)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)