CVE-2009-0800

Published: April 23rd, 2009

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

MEDIUM
CVSS v2: 6.8

Status

DocFilters Release	Package	State	Justification	Comment
0.0.0.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
26.1.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
26.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.4	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.3	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.2	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.1.2	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.1.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.4	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.4.0	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.3	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.2.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.2	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.1	xpdf (3.02)	Resolved	Code Not Present	Patched applied from about:blank
23.3	xpdf (3.02)	Resolved	Code Not Present	Patched applied from about:blank
23.2.1	xpdf (3.02)	Resolved	Code Not Present	Patched applied from about:blank
23.2	xpdf (3.02)	Resolved	Code Not Present	Patched applied from about:blank
23.1	xpdf (3.02)	Resolved	Code Not Present	Patched applied from about:blank

Severity score breakdown

References

NVD
MITRE