// For flags

CVE-2009-0195

xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)

Severity Score

6.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.

Desbordamiento de búfer basado en montículo en Xpdf v3.02p12 y anteriores, CUPS v1.3.9 y probablemente otros productos, permite a atacantes remotos ejecutar código de forma arbitraria a través de un fichero PDF con segmentos JBIG2 de diccionario simbólico manipulados.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2009-01-20 CVE Reserved
  • 2009-04-17 CVE Published
  • 2024-05-06 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apple
Search vendor "Apple"
Cups
Search vendor "Apple" for product "Cups"
1.3.9
Search vendor "Apple" for product "Cups" and version "1.3.9"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.5a
Search vendor "Foolabs" for product "Xpdf" and version "0.5a"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.7a
Search vendor "Foolabs" for product "Xpdf" and version "0.7a"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.91a
Search vendor "Foolabs" for product "Xpdf" and version "0.91a"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.91b
Search vendor "Foolabs" for product "Xpdf" and version "0.91b"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.91c
Search vendor "Foolabs" for product "Xpdf" and version "0.91c"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.92a
Search vendor "Foolabs" for product "Xpdf" and version "0.92a"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.92b
Search vendor "Foolabs" for product "Xpdf" and version "0.92b"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.92c
Search vendor "Foolabs" for product "Xpdf" and version "0.92c"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.92d
Search vendor "Foolabs" for product "Xpdf" and version "0.92d"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.92e
Search vendor "Foolabs" for product "Xpdf" and version "0.92e"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.93a
Search vendor "Foolabs" for product "Xpdf" and version "0.93a"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.93b
Search vendor "Foolabs" for product "Xpdf" and version "0.93b"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
0.93c
Search vendor "Foolabs" for product "Xpdf" and version "0.93c"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
1.00a
Search vendor "Foolabs" for product "Xpdf" and version "1.00a"
-
Affected
Foolabs
Search vendor "Foolabs"
Xpdf
Search vendor "Foolabs" for product "Xpdf"
3.0.1
Search vendor "Foolabs" for product "Xpdf" and version "3.0.1"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
<= 3.02
Search vendor "Glyphandcog" for product "Xpdfreader" and version " <= 3.02"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.2
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.2"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.3
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.3"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.4
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.4"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.5
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.5"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.6
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.6"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.7
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.7"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.80
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.80"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.90
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.90"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.91
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.91"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.92
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.92"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
0.93
Search vendor "Glyphandcog" for product "Xpdfreader" and version "0.93"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
1.00
Search vendor "Glyphandcog" for product "Xpdfreader" and version "1.00"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
1.01
Search vendor "Glyphandcog" for product "Xpdfreader" and version "1.01"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
2.00
Search vendor "Glyphandcog" for product "Xpdfreader" and version "2.00"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
2.01
Search vendor "Glyphandcog" for product "Xpdfreader" and version "2.01"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
2.02
Search vendor "Glyphandcog" for product "Xpdfreader" and version "2.02"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
2.03
Search vendor "Glyphandcog" for product "Xpdfreader" and version "2.03"
-
Affected
Glyphandcog
Search vendor "Glyphandcog"
Xpdfreader
Search vendor "Glyphandcog" for product "Xpdfreader"
3.00
Search vendor "Glyphandcog" for product "Xpdfreader" and version "3.00"
-
Affected