CVE-2009-1181

Published: April 23rd, 2009

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.

MEDIUM
CVSS v2: 4.3

Status

DocFilters Release	Package	State	Justification	Comment
0.0.0.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
26.1.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
26.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.4	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.3	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.2	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.1.2	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.1.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
25.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.4	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.4.0	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.3	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.2.1	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.2	xpdf (4.05)	Not Affected	Code Not Present	4.05 does not match CVE configuration.
24.1	xpdf (3.02)	Resolved	Code Not Present	Patched applied from about:blank
23.3	xpdf (3.02)	Resolved	Code Not Present	Patched applied from about:blank
23.2.1	xpdf (3.02)	Resolved	Code Not Present	Patched applied from about:blank
23.2	xpdf (3.02)	Resolved	Code Not Present	Patched applied from about:blank
23.1	xpdf (3.02)	Resolved	Code Not Present	Patched applied from about:blank

Severity score breakdown

References

NVD
MITRE