CVE-2009-1187
published 2009-04-23CVE-2009-1187: Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute…
PriorityP431medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
7.17%
93.5th percentile
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
Affected
53 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | poppler | < poppler 0.10.6-1 (bookworm) | poppler 0.10.6-1 (bookworm) |
| freedesktop | poppler | >= 0 < 0.10.6-1 | 0.10.6-1 |
| freedesktop | poppler | >= 0 < 0.10.6-1 | 0.10.6-1 |
| freedesktop | poppler | >= 0 < 0.10.6-1 | 0.10.6-1 |
| freedesktop | poppler | >= 0 < 0.10.6-1 | 0.10.6-1 |
| poppler | poppler | <= 0.10.5 | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
poppler vulnerabilities
vendor_ubuntu·2009-04-16
CVE-2009-1187 poppler vulnerabilities
Title: poppler vulnerabilities
Summary: poppler vulnerabilities
Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that
poppler contained multiple security issues in its JBIG2 decoder. If a user
or automated system were tricked into opening a crafted PDF file, an
attacker could cause a denial of service or execute arbitrary code with
privileges of the user invoking the program.
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Red Hat
poppler CairoOutputDev integer overflow
vendor_redhat·2009-04-16·CVSS 5.0
CVE-2009-1187 [MEDIUM] CWE-190 poppler CairoOutputDev integer overflow
poppler CairoOutputDev integer overflow
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
Debian
CVE-2009-1187: poppler - Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows r...
vendor_debian·2009·CVSS 5.0
CVE-2009-1187 [MEDIUM] CVE-2009-1187: poppler - Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows r...
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
Scope: local
bookworm: resolved (fixed in 0.10.6-1)
bullseye: resolved (fixed in 0.10.6-1)
forky: resolved (fixed in 0.10.6-1)
sid: resolved (fixed in 0.10.6-1)
trixie: resolved (fixed in 0.10.6-1)
GHSA
GHSA-xr2j-w2jp-cp5m: Integer overflow in the JBIG2 decoding feature in Poppler before 0
ghsa_unreviewed·2022-05-02
CVE-2009-1187 [MEDIUM] GHSA-xr2j-w2jp-cp5m: Integer overflow in the JBIG2 decoding feature in Poppler before 0
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
OSV
CVE-2009-1187: Integer overflow in the JBIG2 decoding feature in Poppler before 0
osv·2009-04-23·CVSS 5.0
CVE-2009-1187 [MEDIUM] CVE-2009-1187: Integer overflow in the JBIG2 decoding feature in Poppler before 0
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F10]
bugzilla·2009-04-21·CVSS 4.3
CVE-2009-0146 [MEDIUM] CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F10]
CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F10]
F10 tracking bug: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes in the 'blocks' bugs.
NOTE THIS ISSUE IS CURRENTLY EMBARGOED, DO NOT MAKE PUBLIC COMMITS OR COMMENTS ABOUT THIS ISSUE.
[bug automatically created by: add-tracking-bugs]
Discussion:
Fixed upstream in 0.10.6.
---
poppler-0.8.7-6.fc10 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/poppler-0.8.7-6.fc10
---
poppler-0.8.7-6.fc10 has been pushed to the Fedora 10 stable repository. If problems still persi
Bugzilla
CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F11]
bugzilla·2009-04-21·CVSS 4.3
CVE-2009-0146 [MEDIUM] CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F11]
CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F11]
Fdevel tracking bug: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes in the 'blocks' bugs.
NOTE THIS ISSUE IS CURRENTLY EMBARGOED, DO NOT MAKE PUBLIC COMMITS OR COMMENTS ABOUT THIS ISSUE.
[bug automatically created by: add-tracking-bugs]
Discussion:
Fixed upstream in 0.10.6.
---
Affects F11 too, but there's no 11 in version list in BZ yet.
---
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.
More information and reason for thi
Bugzilla
CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F9]
bugzilla·2009-04-21·CVSS 4.3
CVE-2009-0146 [MEDIUM] CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F9]
CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 poppler various flaws [F9]
F9 tracking bug: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes in the 'blocks' bugs.
NOTE THIS ISSUE IS CURRENTLY EMBARGOED, DO NOT MAKE PUBLIC COMMITS OR COMMENTS ABOUT THIS ISSUE.
[bug automatically created by: add-tracking-bugs]
Discussion:
Fixed upstream in 0.10.6.
---
This message is a reminder that Fedora 9 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 9. It is Fedora's policy to close all
bug reports from releases
Bugzilla
CVE-2009-1187 poppler CairoOutputDev integer overflow
bugzilla·2009-04-15·CVSS 5.0
CVE-2009-1187 [MEDIUM] CVE-2009-1187 poppler CairoOutputDev integer overflow
CVE-2009-1187 poppler CairoOutputDev integer overflow
An integer overflow was found in poppler's CairoOutputDev::drawImage
method. A malicious PDF file could cause poppler to execute with
permissions of the user calling the library.
Will Dormann of the CERT/CC created the extensive testsuite for the JBIG2
decoder in various PDF libraries that found this flaw.
Acknowledgements:
Red Hat would like to thank Will Dormann of the CERT/CC for responsibly reporting this flaw.
Discussion:
CVE-2009-1187:
Integer overflow in the JBIG2 decoding feature in Poppler before
0.10.6 allows remote attackers to cause a denial of service (crash)
and possibly execute arbitrary code via vectors related to
CairoOutputDev (CairoOutputDev.cc).
---
This issue has been addressed in following products:
Red Ha
http://bugs.gentoo.org/show_bug.cgi?id=263028#c16http://poppler.freedesktop.org/releases.htmlhttp://secunia.com/advisories/34746http://secunia.com/advisories/35064http://secunia.com/advisories/35618http://wiki.rpath.com/Advisories:rPSA-2009-0059http://www.kb.cert.org/vuls/id/196617http://www.mandriva.com/security/advisories?name=MDVSA-2010:087http://www.mandriva.com/security/advisories?name=MDVSA-2011:175http://www.redhat.com/support/errata/RHSA-2009-0480.htmlhttp://www.securityfocus.com/archive/1/502761/100/0/threadedhttp://www.securityfocus.com/bid/34568http://www.vupen.com/english/advisories/2009/1076http://www.vupen.com/english/advisories/2010/1040https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875https://exchange.xforce.ibmcloud.com/vulnerabilities/50184https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.htmlhttp://bugs.gentoo.org/show_bug.cgi?id=263028#c16http://poppler.freedesktop.org/releases.htmlhttp://secunia.com/advisories/34746http://secunia.com/advisories/35064http://secunia.com/advisories/35618http://wiki.rpath.com/Advisories:rPSA-2009-0059http://www.kb.cert.org/vuls/id/196617http://www.mandriva.com/security/advisories?name=MDVSA-2010:087http://www.mandriva.com/security/advisories?name=MDVSA-2011:175http://www.redhat.com/support/errata/RHSA-2009-0480.htmlhttp://www.securityfocus.com/archive/1/502761/100/0/threadedhttp://www.securityfocus.com/bid/34568http://www.vupen.com/english/advisories/2009/1076http://www.vupen.com/english/advisories/2010/1040https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875https://exchange.xforce.ibmcloud.com/vulnerabilities/50184https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
2009-04-23
Published