// For flags

CVE-2009-1187

poppler CairoOutputDev integer overflow

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).

Desbordamiento de entero en la característica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegación de servicio (caida) y posiblemente ejecutar código a través de vectores relacionados con CairoOutputDev (CairoOutputDev.cc).

Multiple vulnerabilities have been found in Poppler, some of which may allow execution of arbitrary code. Versions less than 0.22.2-r1 are affected.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2009-03-31 CVE Reserved
  • 2009-04-23 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-189: Numeric Errors
  • CWE-190: Integer Overflow or Wraparound
CAPEC
References (22)
URL Tag Source
http://poppler.freedesktop.org/releases.html X_refsource_confirm
http://secunia.com/advisories/34746 Third Party Advisory
http://secunia.com/advisories/35064 Third Party Advisory
http://secunia.com/advisories/35618 Third Party Advisory
http://wiki.rpath.com/Advisories:rPSA-2009-0059 X_refsource_confirm
http://www.kb.cert.org/vuls/id/196617 Third Party Advisory
http://www.securityfocus.com/archive/1/502761/100/0/threaded Mailing List
http://www.securityfocus.com/bid/34568 Vdb Entry
http://www.vupen.com/english/advisories/2009/1076 Vdb Entry
http://www.vupen.com/english/advisories/2010/1040 Vdb Entry
https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875 X_refsource_confirm
https://exchange.xforce.ibmcloud.com/vulnerabilities/50184 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292 Signature
URL Date SRC
URL Date SRC
http://bugs.gentoo.org/show_bug.cgi?id=263028#c16 2023-02-13
URL Date SRC
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 2023-02-13
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 2023-02-13
http://www.redhat.com/support/errata/RHSA-2009-0480.html 2023-02-13
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html 2023-02-13
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html 2023-02-13
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html 2023-02-13
https://access.redhat.com/security/cve/CVE-2009-1187 2009-05-13
https://bugzilla.redhat.com/show_bug.cgi?id=495906 2009-05-13
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 <= 0.10.5
Search vendor "Poppler" for product "Poppler" and version " <= 0.10.5"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.1
Search vendor "Poppler" for product "Poppler" and version "0.1"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.1.1
Search vendor "Poppler" for product "Poppler" and version "0.1.1"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.1.2
Search vendor "Poppler" for product "Poppler" and version "0.1.2"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.2.0
Search vendor "Poppler" for product "Poppler" and version "0.2.0"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.3.0
Search vendor "Poppler" for product "Poppler" and version "0.3.0"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.3.1
Search vendor "Poppler" for product "Poppler" and version "0.3.1"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.3.2
Search vendor "Poppler" for product "Poppler" and version "0.3.2"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.3.3
Search vendor "Poppler" for product "Poppler" and version "0.3.3"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.4.0
Search vendor "Poppler" for product "Poppler" and version "0.4.0"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.4.1
Search vendor "Poppler" for product "Poppler" and version "0.4.1"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.4.2
Search vendor "Poppler" for product "Poppler" and version "0.4.2"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.4.3
Search vendor "Poppler" for product "Poppler" and version "0.4.3"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.4.4
Search vendor "Poppler" for product "Poppler" and version "0.4.4"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.5.0
Search vendor "Poppler" for product "Poppler" and version "0.5.0"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.5.1
Search vendor "Poppler" for product "Poppler" and version "0.5.1"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.5.2
Search vendor "Poppler" for product "Poppler" and version "0.5.2"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.5.3
Search vendor "Poppler" for product "Poppler" and version "0.5.3"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.5.4
Search vendor "Poppler" for product "Poppler" and version "0.5.4"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.5.9
Search vendor "Poppler" for product "Poppler" and version "0.5.9"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.5.90
Search vendor "Poppler" for product "Poppler" and version "0.5.90"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.5.91
Search vendor "Poppler" for product "Poppler" and version "0.5.91"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.6.0
Search vendor "Poppler" for product "Poppler" and version "0.6.0"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.6.1
Search vendor "Poppler" for product "Poppler" and version "0.6.1"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.6.2
Search vendor "Poppler" for product "Poppler" and version "0.6.2"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.6.3
Search vendor "Poppler" for product "Poppler" and version "0.6.3"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.6.4
Search vendor "Poppler" for product "Poppler" and version "0.6.4"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.7.0
Search vendor "Poppler" for product "Poppler" and version "0.7.0"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.7.1
Search vendor "Poppler" for product "Poppler" and version "0.7.1"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.7.2
Search vendor "Poppler" for product "Poppler" and version "0.7.2"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.7.3
Search vendor "Poppler" for product "Poppler" and version "0.7.3"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.8.0
Search vendor "Poppler" for product "Poppler" and version "0.8.0"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.8.1
Search vendor "Poppler" for product "Poppler" and version "0.8.1"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.8.2
Search vendor "Poppler" for product "Poppler" and version "0.8.2"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.8.3
Search vendor "Poppler" for product "Poppler" and version "0.8.3"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.8.4
Search vendor "Poppler" for product "Poppler" and version "0.8.4"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.8.5
Search vendor "Poppler" for product "Poppler" and version "0.8.5"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.8.6
Search vendor "Poppler" for product "Poppler" and version "0.8.6"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.8.7
Search vendor "Poppler" for product "Poppler" and version "0.8.7"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.9.0
Search vendor "Poppler" for product "Poppler" and version "0.9.0"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.9.1
Search vendor "Poppler" for product "Poppler" and version "0.9.1"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.9.2
Search vendor "Poppler" for product "Poppler" and version "0.9.2"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.9.3
Search vendor "Poppler" for product "Poppler" and version "0.9.3"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.10.0
Search vendor "Poppler" for product "Poppler" and version "0.10.0"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.10.1
Search vendor "Poppler" for product "Poppler" and version "0.10.1"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.10.2
Search vendor "Poppler" for product "Poppler" and version "0.10.2"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.10.3
Search vendor "Poppler" for product "Poppler" and version "0.10.3"
-
Affected
Poppler
Search vendor "Poppler"
 Poppler
Search vendor "Poppler" for product "Poppler"
 0.10.4
Search vendor "Poppler" for product "Poppler" and version "0.10.4"
-
Affected