VDB
CVE-2009-1187
CVE-2009-1187
PUBLISHED
Reported by redhat · Published April 23, 2009
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Timeline
- Apr 23, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- 35064 third-party-advisoryx_refsource_SECUNIA
- FEDORA-2009-6972 vendor-advisoryx_refsource_FEDORA
- poppler-jbig2-cairooutputdev-code-excution(50184) vdb-entryx_refsource_XF
- 35618 third-party-advisoryx_refsource_SECUNIA
- RHSA-2009:0480 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
- 34568 vdb-entryx_refsource_BID
- MDVSA-2011:175 vendor-advisoryx_refsource_MANDRIVA
- VU#196617 third-party-advisoryx_refsource_CERT-VN
- ADV-2010-1040 vdb-entryx_refsource_VUPEN
- FEDORA-2009-6982 vendor-advisoryx_refsource_FEDORA
- x_refsource_CONFIRM
- MDVSA-2010:087 vendor-advisoryx_refsource_MANDRIVA
- ADV-2009-1076 vdb-entryx_refsource_VUPEN
- oval:org.mitre.oval:def:10292 vdb-entrysignaturex_refsource_OVAL
- 20090417 rPSA-2009-0059-1 poppler mailing-listx_refsource_BUGTRAQ
- FEDORA-2009-6973 vendor-advisoryx_refsource_FEDORA
- 34746 third-party-advisoryx_refsource_SECUNIA