CVE-2009-1188
published 2009-04-23CVE-2009-1188: Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before…
medium5CVSS 3.1
AVNACLAuNCNINAP
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
Affected
78 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | poppler | < poppler 0.10.6-1 (bookworm) | poppler 0.10.6-1 (bookworm) |
| debian | poppler | < poppler 0.12.2-1 (bookworm) | poppler 0.12.2-1 (bookworm) |
| debian | xpdf | < poppler 0.10.6-1 (bookworm) | poppler 0.10.6-1 (bookworm) |
| debian | xpdf | < poppler 0.12.2-1 (bookworm) | poppler 0.12.2-1 (bookworm) |
| foolabs | xpdf | — | — |
| foolabs | xpdf | — | — |
| foolabs | xpdf | — | — |
| freedesktop | poppler | >= 0 < 0.10.6-1 | 0.10.6-1 |
| freedesktop | poppler | >= 0 < 0.12.2-1 | 0.12.2-1 |
| freedesktop | poppler | >= 0 < 0.10.6-1 | 0.10.6-1 |
| freedesktop | poppler | >= 0 < 0.12.2-1 | 0.12.2-1 |
| freedesktop | poppler | >= 0 < 0.10.6-1 | 0.10.6-1 |
| freedesktop | poppler | >= 0 < 0.12.2-1 | 0.12.2-1 |
| freedesktop | poppler | >= 0 < 0.10.6-1 | 0.10.6-1 |
| freedesktop | poppler | >= 0 < 0.12.2-1 | 0.12.2-1 |
| glyphandcog | xpdfreader | — | — |
| glyphandcog | xpdfreader | — | — |
| glyphandcog | xpdfreader | — | — |
| poppler | poppler | <= 0.10.5 | — |
| poppler | poppler | <= 0.12.0 | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
| poppler | poppler | — | — |
CVSS provenance
nvd9.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv5.0MEDIUM