SecuritySpace - CVE-2009-1180

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 105790 CVE descriptions and 56160 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2009-1180

Description: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.

Test IDs: 1.3.6.1.4.1.25623.1.0.64300 1.3.6.1.4.1.25623.1.0.63878 1.3.6.1.4.1.25623.1.0.63958 1.3.6.1.4.1.25623.1.0.63879 1.3.6.1.4.1.25623.1.0.64401 1.3.6.1.4.1.25623.1.0.64302 1.3.6.1.4.1.25623.1.0.122360

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-1180
Debian Security Information: DSA-1790 (Google Search)
http://www.debian.org/security/2009/dsa-1790
Debian Security Information: DSA-1793 (Google Search)
http://www.debian.org/security/2009/dsa-1793
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
RedHat Security Advisories: RHSA-2009:0430
http://www.redhat.com/support/errata/RHSA-2009-0430.html
RedHat Security Advisories: RHSA-2009:0429
http://www.redhat.com/support/errata/RHSA-2009-0429.html
RedHat Security Advisories: RHSA-2009:0431
http://www.redhat.com/support/errata/RHSA-2009-0431.html
RedHat Security Advisories: RHSA-2009:0458
http://rhn.redhat.com/errata/RHSA-2009-0458.html
RedHat Security Advisories: RHSA-2009:0480
http://www.redhat.com/support/errata/RHSA-2009-0480.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
SuSE Security Announcement: SUSE-SA:2009:024 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
CERT/CC vulnerability note: VU#196617
http://www.kb.cert.org/vuls/id/196617
BugTraq ID: 34568
http://www.securityfocus.com/bid/34568
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9926
http://www.securitytracker.com/id?1022073
http://secunia.com/advisories/34755
http://secunia.com/advisories/34291
http://secunia.com/advisories/34481
http://secunia.com/advisories/34746
http://secunia.com/advisories/34852
http://secunia.com/advisories/34756
http://secunia.com/advisories/34959
http://secunia.com/advisories/34963
http://secunia.com/advisories/35037
http://secunia.com/advisories/35065
http://secunia.com/advisories/34991
http://secunia.com/advisories/35064
http://secunia.com/advisories/35618
http://secunia.com/advisories/35685
http://www.vupen.com/english/advisories/2009/1065
http://www.vupen.com/english/advisories/2009/1066
http://www.vupen.com/english/advisories/2009/1076
http://www.vupen.com/english/advisories/2009/1077
http://www.vupen.com/english/advisories/2010/1040

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

CVE ID:	CVE-2009-1180
Description:	The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
Test IDs:	1.3.6.1.4.1.25623.1.0.64300 1.3.6.1.4.1.25623.1.0.63878 1.3.6.1.4.1.25623.1.0.63958 1.3.6.1.4.1.25623.1.0.63879 1.3.6.1.4.1.25623.1.0.64401 1.3.6.1.4.1.25623.1.0.64302 1.3.6.1.4.1.25623.1.0.122360
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1180 Debian Security Information: DSA-1790 (Google Search) http://www.debian.org/security/2009/dsa-1790 Debian Security Information: DSA-1793 (Google Search) http://www.debian.org/security/2009/dsa-1793 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 RedHat Security Advisories: RHSA-2009:0430 http://www.redhat.com/support/errata/RHSA-2009-0430.html RedHat Security Advisories: RHSA-2009:0429 http://www.redhat.com/support/errata/RHSA-2009-0429.html RedHat Security Advisories: RHSA-2009:0431 http://www.redhat.com/support/errata/RHSA-2009-0431.html RedHat Security Advisories: RHSA-2009:0458 http://rhn.redhat.com/errata/RHSA-2009-0458.html RedHat Security Advisories: RHSA-2009:0480 http://www.redhat.com/support/errata/RHSA-2009-0480.html http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 SuSE Security Announcement: SUSE-SA:2009:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html SuSE Security Announcement: SUSE-SR:2009:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html CERT/CC vulnerability note: VU#196617 http://www.kb.cert.org/vuls/id/196617 BugTraq ID: 34568 http://www.securityfocus.com/bid/34568 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9926 http://www.securitytracker.com/id?1022073 http://secunia.com/advisories/34755 http://secunia.com/advisories/34291 http://secunia.com/advisories/34481 http://secunia.com/advisories/34746 http://secunia.com/advisories/34852 http://secunia.com/advisories/34756 http://secunia.com/advisories/34959 http://secunia.com/advisories/34963 http://secunia.com/advisories/35037 http://secunia.com/advisories/35065 http://secunia.com/advisories/34991 http://secunia.com/advisories/35064 http://secunia.com/advisories/35618 http://secunia.com/advisories/35685 http://www.vupen.com/english/advisories/2009/1065 http://www.vupen.com/english/advisories/2009/1066 http://www.vupen.com/english/advisories/2009/1076 http://www.vupen.com/english/advisories/2009/1077 http://www.vupen.com/english/advisories/2010/1040