CVE-2009-0146
Published: 04/23/2009 17:30:01
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.
MEDIUM
CVSS v2: 4.3
CVSS v2: 4.3
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 25.1 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.4 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.4.0 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.3 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.2.1 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.2 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.1 | xpdf (3.02) | Resolved | Code Not Present | Patched applied from about:blank |
| 23.3 | xpdf (3.02) | Resolved | Code Not Present | Patched applied from about:blank |
| 23.2.1 | xpdf (3.02) | Resolved | Code Not Present | Patched applied from about:blank |
| 23.2 | xpdf (3.02) | Resolved | Code Not Present | Patched applied from about:blank |
| 23.1 | xpdf (3.02) | Resolved | Code Not Present | Patched applied from about:blank |