Launchpad.net

CVE 2009-0146

Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.

Related bugs and status

CVE-2009-0146 (Candidate) is related to these bugs:

Bug #361875: FreezeException for poppler (12 different CVE numbers)

Summary				In	Importance	Status
	361875	FreezeException for poppler (12 different CVE numbers)		poppler (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://bugs.gentoo.org...
CONFIRM: https://bugzilla.redha...
REDHAT: RHSA-2009:0430
SECUNIA: 34755
CONFIRM: http://wiki.rpath.com/...
REDHAT: RHSA-2009:0429
REDHAT: RHSA-2009:0431
SUSE: SUSE-SA:2009:024
BID: 34568
SECTRACK: 1022073
SECUNIA: 34291
SECUNIA: 34481
SECUNIA: 34852
VUPEN: ADV-2009-1065
VUPEN: ADV-2009-1066
VUPEN: ADV-2009-1077
CONFIRM: http://wiki.rpath.com/...
GENTOO: GLSA-200904-20
SECUNIA: 34756
MANDRIVA: MDVSA-2009:101
DEBIAN: DSA-1790
SECUNIA: 34959
REDHAT: RHSA-2009:0458
SECUNIA: 34963
SECUNIA: 35037
SUSE: SUSE-SR:2009:010
SECUNIA: 35065
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2009-05-12
REDHAT: RHSA-2009:0480
CERT: TA09-133A
SECUNIA: 35074
VUPEN: ADV-2009-1297
DEBIAN: DSA-1793
SECUNIA: 34991
SECUNIA: 35064
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2009-06-17-1
VUPEN: ADV-2009-1621
SUSE: SUSE-SR:2009:012
FEDORA: FEDORA-2009-6973
FEDORA: FEDORA-2009-6982
SECUNIA: 35618
SECUNIA: 35685
FEDORA: FEDORA-2009-6972
MANDRIVA: MDVSA-2010:087
VUPEN: ADV-2010-1040
SLACKWARE: SSA:2009-129-01
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20090417 rPSA-2009-005...
BUGTRAQ: 20090417 rPSA-2009-006...