var-200906-0618
Vulnerability from variot
Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. CUPS of pdftops The filter includes PDF Insufficient service operation due to incomplete file processing (DoS) Vulnerabilities exist that could be exploited or arbitrary code executed.Crafted by a third party PDF Service operation disrupted by file (DoS) May be executed, or arbitrary code may be executed. CUPS is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer. Exploiting these issues may allow remote attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Xpdf is an open source viewer for Portable Document Format (PDF) files. NOTE: This may override CVE-2009-0791. (CVE-2009-0791). (CVE-2009-1709).
This update provides a solution to this vulnerability. (CVE-2009-0163)
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to g*allocn. (CVE-2009-0800)
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. (CVE-2009-1183)
Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609)
This update corrects the problems.
Update:
Packages for 2008.0 are being provided due to extended support for Corporate products.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
Updated Packages:
Mandriva Linux 2008.0: 6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm 9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm 3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm 9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm 7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm 67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm 410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm 64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm 0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm 8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm 0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm 83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm 893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm 9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm 06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm 43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm 60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm 0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm 7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFLHXsgmqjQ0CJFipgRAu1fAKCINX1H5StX89GjMDWzGrEM1UiHeACeMLSY a3mQtrfvoibfn29OFAfdSn0= =lTbL -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200906-0618", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "cups", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "1.1.22" }, { "model": "cups", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "1.1.17" }, { "model": "cups", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "1.3.7" }, { "model": "cups", "scope": "eq", "trust": 0.8, "vendor": "cups", "version": "1.1.17" }, { "model": "cups", "scope": "eq", "trust": 0.8, "vendor": "cups", "version": "1.1.22" }, { "model": "cups", "scope": "eq", "trust": 0.8, "vendor": "cups", "version": "1.3.7" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3 (x86)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3 (x86-64)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0 (x86-64)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0 (x86-64)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4.8 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4.8 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (server)" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3.0" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4.0" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5.0 (client)" }, { "model": "rhel desktop workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (client)" }, { "model": "rhel optional productivity applications", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (server)" }, { "model": "rhel optional productivity applications eus", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5.4.z (server)" }, { "model": "linux enterprise server sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "9" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "9" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux enterprise server sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux enterprise server sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux enterprise server sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux enterprise desktop", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux enterprise desktop sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux enterprise desktop sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux enterprise desktop sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux enterprise desktop", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux enterprise", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10.3" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.2" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.1" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.0" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux optional productivity application server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux desktop workstation client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "enterprise linux desktop version", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4.0" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3.0" }, { "model": "hat enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "hat enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "4" }, { "model": "hat enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "3" }, { "model": "hat enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2009.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2009.0" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2008.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2008.0" }, { "model": "multi network firewall", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.0" }, { "model": "enterprise server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "enterprise server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.9" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.8" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.7" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.6" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.5" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.4" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.3" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.2" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.1" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.4.3" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.4.2" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.4.1" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.4" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.3.2" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.3.1" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.3" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.2.3" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.2.2" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.2.1" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.2" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.5" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.4" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.3" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.2" }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.1" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.1" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1" }, { "model": "b", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.5" }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.5" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.5" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.4" }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.3" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.3" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.2" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.1" }, { "model": "kde", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0" }, { "model": "software products cups", "scope": "eq", "trust": 0.3, "vendor": "easy", "version": "1.1.22" }, { "model": "software products cups", "scope": "eq", "trust": 0.3, "vendor": "easy", "version": "1.1.21" }, { "model": "software products cups", "scope": "eq", "trust": 0.3, "vendor": "easy", "version": "1.1.20" }, { "model": "software products cups rc5", "scope": "eq", "trust": 0.3, "vendor": "easy", "version": "1.1.19" }, { "model": "software products cups", "scope": "eq", "trust": 0.3, "vendor": "easy", "version": "1.1.19" }, { "model": "software products cups", "scope": "eq", "trust": 0.3, "vendor": "easy", "version": "1.1.18" }, { "model": "software products cups", "scope": "eq", "trust": 0.3, "vendor": "easy", "version": "1.1.17" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "message networking mn", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "message networking", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null } ], "sources": [ { "db": "BID", "id": "35195" }, { "db": "JVNDB", "id": "JVNDB-2009-001734" }, { "db": "CNNVD", "id": "CNNVD-200906-119" }, { "db": "NVD", "id": "CVE-2009-0791" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:cups:cups", "vulnerable": true }, { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation", "vulnerable": true }, { "cpe22Uri": "cpe:/a:redhat:rhel_optional_productivity_applications", "vulnerable": true }, { "cpe22Uri": "cpe:/a:redhat:rhel_optional_productivity_applications_eus", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-001734" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Mandriva", "sources": [ { "db": "PACKETSTORM", "id": "83975" }, { "db": "PACKETSTORM", "id": "82086" }, { "db": "PACKETSTORM", "id": "82088" }, { "db": "PACKETSTORM", "id": "83707" }, { "db": "PACKETSTORM", "id": "82087" }, { "db": "PACKETSTORM", "id": "83554" } ], "trust": 0.6 }, "cve": "CVE-2009-0791", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2009-0791", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-38237", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2009-0791", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2009-0791", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-200906-119", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-38237", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2009-0791", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-38237" }, { "db": "VULMON", "id": "CVE-2009-0791" }, { "db": "JVNDB", "id": "JVNDB-2009-001734" }, { "db": "CNNVD", "id": "CNNVD-200906-119" }, { "db": "NVD", "id": "CVE-2009-0791" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. CUPS of pdftops The filter includes PDF Insufficient service operation due to incomplete file processing (DoS) Vulnerabilities exist that could be exploited or arbitrary code executed.Crafted by a third party PDF Service operation disrupted by file (DoS) May be executed, or arbitrary code may be executed. CUPS is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer. \nExploiting these issues may allow remote attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Xpdf is an open source viewer for Portable Document Format (PDF) files. NOTE: This may override CVE-2009-0791. (CVE-2009-0791). (CVE-2009-1709). \n \n This update provides a solution to this vulnerability. (CVE-2009-0163)\n \n Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,\n as used in Poppler and other products, when running on Mac OS X,\n has unspecified impact, related to g*allocn. (CVE-2009-0800)\n \n The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10\n does not properly initialize memory for IPP request packets, which\n allows remote attackers to cause a denial of service (NULL pointer\n dereference and daemon crash) via a scheduler request with two\n consecutive IPP_TAG_UNSUPPORTED tags. (CVE-2009-1183)\n \n Two integer overflow flaws were found in the CUPS pdftops filter. An\n attacker could create a malicious PDF file that would cause pdftops\n to crash or, potentially, execute arbitrary code as the lp user if\n the file was printed. (CVE-2009-3608, CVE-2009-3609)\n \n This update corrects the problems. \n\n Update:\n\n Packages for 2008.0 are being provided due to extended support for\n Corporate products. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm\n 9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm\n e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm\n fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm\n 3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm\n 9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm\n 7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm\n 67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm\n 410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm\n 64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm\n cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm\n 0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm\n c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm\n 8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm\n 0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm \n f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm\n 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm\n 83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm\n fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm\n e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm\n 893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm\n 9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm\n 06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm\n bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm\n 43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm\n eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm\n c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm\n 60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm\n 0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm\n eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm\n 7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm \n f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm\n 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLHXsgmqjQ0CJFipgRAu1fAKCINX1H5StX89GjMDWzGrEM1UiHeACeMLSY\na3mQtrfvoibfn29OFAfdSn0=\n=lTbL\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n", "sources": [ { "db": "NVD", "id": "CVE-2009-0791" }, { "db": "JVNDB", "id": "JVNDB-2009-001734" }, { "db": "BID", "id": "35195" }, { "db": "VULHUB", "id": "VHN-38237" }, { "db": "VULMON", "id": "CVE-2009-0791" }, { "db": "PACKETSTORM", "id": "83975" }, { "db": "PACKETSTORM", "id": "82086" }, { "db": "PACKETSTORM", "id": "82088" }, { "db": "PACKETSTORM", "id": "83707" }, { "db": "PACKETSTORM", "id": "82087" }, { "db": "PACKETSTORM", "id": "83554" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2009-0791", "trust": 3.5 }, { "db": "BID", "id": "35195", "trust": 2.9 }, { "db": "SECUNIA", "id": "35340", "trust": 2.6 }, { "db": "SECTRACK", "id": "1022326", "trust": 2.6 }, { "db": "VUPEN", "id": "ADV-2009-1488", "trust": 2.6 }, { "db": "SECUNIA", "id": "37037", "trust": 1.8 }, { "db": "SECUNIA", "id": "35685", "trust": 1.8 }, { "db": "SECUNIA", "id": "37023", "trust": 1.8 }, { "db": "SECUNIA", "id": "37043", "trust": 1.8 }, { "db": "SECUNIA", "id": "37028", "trust": 1.8 }, { "db": "SECUNIA", "id": "37079", "trust": 1.8 }, { "db": "SECUNIA", "id": "37077", "trust": 1.8 }, { "db": "VUPEN", "id": "ADV-2009-2928", "trust": 1.8 }, { "db": "XF", "id": "50941", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2009-001734", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200906-119", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "83975", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-38237", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2009-0791", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "82086", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "82088", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "83707", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "82087", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "83554", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-38237" }, { "db": "VULMON", "id": "CVE-2009-0791" }, { "db": "BID", "id": "35195" }, { "db": "JVNDB", "id": "JVNDB-2009-001734" }, { "db": "PACKETSTORM", "id": "83975" }, { "db": "PACKETSTORM", "id": "82086" }, { "db": "PACKETSTORM", "id": "82088" }, { "db": "PACKETSTORM", "id": "83707" }, { "db": "PACKETSTORM", "id": "82087" }, { "db": "PACKETSTORM", "id": "83554" }, { "db": "CNNVD", "id": "CNNVD-200906-119" }, { "db": "NVD", "id": "CVE-2009-0791" } ] }, "id": "VAR-200906-0618", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-38237" } ], "trust": 0.01 }, "last_update_date": "2024-11-29T20:50:56.836000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "kdegraphics-3.5.5-3.5AXS3", "trust": 0.8, "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=766" }, { "title": "tetex-3.0-33.8.5.0.1.AXS3", "trust": 0.8, "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1040" }, { "title": "Top Page", "trust": 0.8, "url": "http://www.cups.org/" }, { "title": "1803", "trust": 0.8, "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1803" }, { "title": "2060", "trust": 0.8, "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2060" }, { "title": "1805", "trust": 0.8, "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1805" }, { "title": "1729", "trust": 0.8, "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1729" }, { "title": "2059", "trust": 0.8, "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2059" }, { "title": "RHSA-2010:0399", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2010-0399.html" }, { "title": "RHSA-2009:1503", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html" }, { "title": "RHSA-2010:0400", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2010-0400.html" }, { "title": "RHSA-2009:1500", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html" }, { "title": "RHSA-2010:0401", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2010-0401.html" }, { "title": "RHSA-2009:1501", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html" }, { "title": "RHSA-2009:1502", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html" }, { "title": "RHSA-2009:1512", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html" }, { "title": "RHSA-2009:1083", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2009-1083.html" }, { "title": "RHSA-2009:1512", "trust": 0.8, "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1512J.html" }, { "title": "RHSA-2009:1083", "trust": 0.8, "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1083J.html" }, { "title": "RHSA-2009:1503", "trust": 0.8, "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1503J.html" }, { "title": "RHSA-2009:1500", "trust": 0.8, "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1500J.html" }, { "title": "RHSA-2009:1501", "trust": 0.8, "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1501J.html" }, { "title": "RHSA-2009:1502", "trust": 0.8, "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1502J.html" }, { "title": "XPDF Fixes for digital error vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=223675" }, { "title": "Red Hat: Important: cups security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20091083 - Security Advisory" }, { "title": "Debian CVElist Bug Report Logs: cupsys: CVE-2009-0791 integer overflow vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=22c7db924de15c5764c0ff045606eb1e" }, { "title": "Red Hat: Important: poppler security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20090480 - Security Advisory" }, { "title": "CVE-T4PDF\nTable of contents\nList of CVEs\nList of Techniques", "trust": 0.1, "url": "https://github.com/0xCyberY/CVE-T4PDF " } ], "sources": [ { "db": "VULMON", "id": "CVE-2009-0791" }, { "db": "JVNDB", "id": "JVNDB-2009-001734" }, { "db": "CNNVD", "id": "CNNVD-200906-119" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-189", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-38237" }, { "db": "JVNDB", "id": "JVNDB-2009-001734" }, { "db": "NVD", "id": "CVE-2009-0791" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://securitytracker.com/id?1022326" }, { "trust": 2.6, "url": "http://www.securityfocus.com/bid/35195" }, { "trust": 2.6, "url": "http://secunia.com/advisories/35340" }, { "trust": 2.6, "url": "http://www.vupen.com/english/advisories/2009/1488" }, { "trust": 2.1, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840" }, { "trust": 1.8, "url": "http://secunia.com/advisories/35685" }, { "trust": 1.8, "url": "http://secunia.com/advisories/37023" }, { "trust": 1.8, "url": "http://secunia.com/advisories/37028" }, { "trust": 1.8, "url": "http://secunia.com/advisories/37037" }, { "trust": 1.8, "url": "http://secunia.com/advisories/37043" }, { "trust": 1.8, "url": "http://secunia.com/advisories/37077" }, { "trust": 1.8, "url": "http://secunia.com/advisories/37079" }, { "trust": 1.8, "url": "http://www.vupen.com/english/advisories/2009/2928" }, { "trust": 1.8, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:334" }, { "trust": 1.8, "url": "http://www.redhat.com/support/errata/rhsa-2009-1083.html" }, { "trust": 1.8, "url": "https://rhn.redhat.com/errata/rhsa-2009-1500.html" }, { "trust": 1.8, "url": "https://rhn.redhat.com/errata/rhsa-2009-1501.html" }, { "trust": 1.8, "url": "https://rhn.redhat.com/errata/rhsa-2009-1502.html" }, { "trust": 1.8, "url": "https://rhn.redhat.com/errata/rhsa-2009-1503.html" }, { "trust": 1.8, "url": "https://rhn.redhat.com/errata/rhsa-2009-1512.html" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "trust": 1.8, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50941" }, { "trust": 1.8, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10534" }, { "trust": 1.4, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0791" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/50941" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0791" }, { "trust": 0.7, "url": "https://access.redhat.com/errata/rhsa-2009:1083" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0791" }, { "trust": 0.6, "url": "http://www.mandriva.com/security/" }, { "trust": 0.6, "url": "http://www.mandriva.com/security/advisories" }, { "trust": 0.6, "url": "https://access.redhat.com/errata/rhsa-2009:0480" }, { "trust": 0.6, "url": "https://access.redhat.com/errata/rhsa-2009:1501" }, { "trust": 0.6, "url": "https://access.redhat.com/errata/rhsa-2009:1500" }, { "trust": 0.6, "url": "https://access.redhat.com/errata/rhsa-2010:0400" }, { "trust": 0.6, "url": "https://access.redhat.com/errata/rhsa-2010:0401" }, { "trust": 0.6, "url": "https://access.redhat.com/errata/rhsa-2009:1503" }, { "trust": 0.6, "url": "https://access.redhat.com/errata/rhsa-2009:1502" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2009-0791" }, { "trust": 0.6, "url": "https://access.redhat.com/errata/rhsa-2009:1512" }, { "trust": 0.6, "url": "https://access.redhat.com/errata/rhsa-2010:0399" }, { "trust": 0.5, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3609" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3609" }, { "trust": 0.5, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3608" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3608" }, { "trust": 0.5, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0147" }, { "trust": 0.5, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0166" }, { "trust": 0.5, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0146" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0166" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0147" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0146" }, { "trust": 0.4, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0163" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0163" }, { "trust": 0.4, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0949" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0949" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2009-227.htm" }, { "trust": 0.3, "url": "http://www.cups.org" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0165" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0165" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1180" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1179" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1182" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1181" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0800" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0799" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0195" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0799" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1180" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1183" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1182" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0800" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1181" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0195" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1179" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1183" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/189.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://github.com/0xcybery/cve-t4pdf" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3605" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3605" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1196" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1196" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0945" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1709" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1709" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0945" }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" } ], "sources": [ { "db": "VULHUB", "id": "VHN-38237" }, { "db": "VULMON", "id": "CVE-2009-0791" }, { "db": "BID", "id": "35195" }, { "db": "JVNDB", "id": "JVNDB-2009-001734" }, { "db": "PACKETSTORM", "id": "83975" }, { "db": "PACKETSTORM", "id": "82086" }, { "db": "PACKETSTORM", "id": "82088" }, { "db": "PACKETSTORM", "id": "83707" }, { "db": "PACKETSTORM", "id": "82087" }, { "db": "PACKETSTORM", "id": "83554" }, { "db": "CNNVD", "id": "CNNVD-200906-119" }, { "db": "NVD", "id": "CVE-2009-0791" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-38237" }, { "db": "VULMON", "id": "CVE-2009-0791" }, { "db": "BID", "id": "35195" }, { "db": "JVNDB", "id": "JVNDB-2009-001734" }, { "db": "PACKETSTORM", "id": "83975" }, { "db": "PACKETSTORM", "id": "82086" }, { "db": "PACKETSTORM", "id": "82088" }, { "db": "PACKETSTORM", "id": "83707" }, { "db": "PACKETSTORM", "id": "82087" }, { "db": "PACKETSTORM", "id": "83554" }, { "db": "CNNVD", "id": "CNNVD-200906-119" }, { "db": "NVD", "id": "CVE-2009-0791" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-06-09T00:00:00", "db": "VULHUB", "id": "VHN-38237" }, { "date": "2009-06-09T00:00:00", "db": "VULMON", "id": "CVE-2009-0791" }, { "date": "2009-06-03T00:00:00", "db": "BID", "id": "35195" }, { "date": "2009-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-001734" }, { "date": "2009-12-17T21:54:15", "db": "PACKETSTORM", "id": "83975" }, { "date": "2009-10-21T02:32:05", "db": "PACKETSTORM", "id": "82086" }, { "date": "2009-10-21T03:01:09", "db": "PACKETSTORM", "id": "82088" }, { "date": "2009-12-11T00:57:14", "db": "PACKETSTORM", "id": "83707" }, { "date": "2009-10-21T02:57:54", "db": "PACKETSTORM", "id": "82087" }, { "date": "2009-12-08T01:31:40", "db": "PACKETSTORM", "id": "83554" }, { "date": "2009-06-09T00:00:00", "db": "CNNVD", "id": "CNNVD-200906-119" }, { "date": "2009-06-09T17:30:00.267000", "db": "NVD", "id": "CVE-2009-0791" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-13T00:00:00", "db": "VULHUB", "id": "VHN-38237" }, { "date": "2023-02-13T00:00:00", "db": "VULMON", "id": "CVE-2009-0791" }, { "date": "2015-03-19T09:37:00", "db": "BID", "id": "35195" }, { "date": "2010-05-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-001734" }, { "date": "2023-04-28T00:00:00", "db": "CNNVD", "id": "CNNVD-200906-119" }, { "date": "2024-11-21T01:00:55.577000", "db": "NVD", "id": "CVE-2009-0791" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200906-119" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "CUPS of pdftops Integer overflow vulnerability in filters", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-001734" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "digital error", "sources": [ { "db": "CNNVD", "id": "CNNVD-200906-119" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.