CVE-2009-0147 — Integer Overflow or Wraparound in Apple Cups
Severity
4.3MEDIUMNVD
EPSS
2.4%
top 14.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 23
Latest updateMay 2
Description
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
CVSS vector
AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9
Affected Packages5 packages
Patches
🔴Vulnerability Details
3📋Vendor Advisories
4💬Community
6Bugzilla▶
CVE-2009-4308 kernel: ext4: Avoid null pointer dereference when decoding EROFS w/o a journal↗2009-12-14
Bugzilla▶
CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F10]↗2009-04-21
Bugzilla▶
CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F11]↗2009-04-21
Bugzilla▶
CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F9]↗2009-04-21